thumbgate 1.27.6 → 1.27.8

package/public/learn.html

@@ -4,7 +4,7 @@
 <meta charset="UTF-8">
 <meta name="viewport" content="width=device-width, initial-scale=1.0">
 <title>Learn — AI Agent Safety, Pre-Action Checks, and Vibe Coding Guardrails</title>
-<script defer data-domain="thumbgate-production.up.railway.app" src="https://plausible.io/js/script.js"></script>
+<script defer data-domain="thumbgate.ai" src="https://plausible.io/js/script.js"></script>
 <meta name="description" content="Practical guides for stopping AI coding agent mistakes. Learn about pre-action checks, MCP guardrails, feedback-driven enforcement, and vibe coding safety for Claude Code, Cursor, Codex, and more.">
 <meta name="keywords" content="AI agent safety, pre-action checks, vibe coding guardrails, Claude Code mistakes, Cursor agent memory, MCP server hooks, AI coding agent feedback, ThumbGate guides">
 <meta property="og:title" content="Learn — AI Agent Safety Guides by ThumbGate">
@@ -22,7 +22,7 @@
   "name": "ThumbGate Learning Hub",
   "description": "Practical guides for AI coding agent safety, pre-action checks, and vibe coding guardrails.",
   "url": "https://thumbgate.ai/learn",
-  "dateModified": "2026-04-20",
+  "dateModified": "2026-06-06",
   "author": {
     "@type": "Person",
     "name": "Igor Ganapolsky",
@@ -145,38 +145,56 @@
       {
         "@type": "ListItem",
         "position": 10,
+        "url": "https://thumbgate.ai/guides/hermes-agent-guardrails",
+        "name": "Hermes Agent Guardrails for Self-Improving Agents"
+      },
+      {
+        "@type": "ListItem",
+        "position": 11,
+        "url": "https://thumbgate.ai/guides/agent-context-governance",
+        "name": "Agent Context Governance for Long-Running Agents"
+      },
+      {
+        "@type": "ListItem",
+        "position": 12,
         "url": "https://thumbgate.ai/guides/roo-code-alternative-cline",
         "name": "Roo Code Alternative: Migrating to Cline with Portable Lesson Memory"
       },
       {
         "@type": "ListItem",
-        "position": 11,
+        "position": 13,
         "url": "https://thumbgate.ai/guides/browser-automation-safety",
         "name": "Browser Automation Safety for AI Agents"
       },
       {
         "@type": "ListItem",
-        "position": 12,
+        "position": 14,
         "url": "https://thumbgate.ai/guides/native-messaging-host-security",
         "name": "Native Messaging Host Security"
       },
       {
         "@type": "ListItem",
-        "position": 13,
+        "position": 15,
         "url": "https://thumbgate.ai/guides/ai-search-topical-presence",
         "name": "AI Search Topical Presence"
       },
       {
         "@type": "ListItem",
-        "position": 14,
+        "position": 16,
         "url": "https://thumbgate.ai/guides/relational-knowledge-ai-recommendations",
         "name": "Relational Knowledge in AI Recommendations"
       },
       {
         "@type": "ListItem",
-        "position": 15,
+        "position": 17,
         "url": "https://thumbgate.ai/guides/ai-deployment-readiness",
         "name": "AI Deployment Readiness Before Production Rollout"
+      },
+      {
+        "@type": "ListItem",
+        "position": 18,
+        "url": "https://thumbgate.ai/guides/database-agent-safety",
+        "name": "Database Safety for AI Agents"
       }
     ]
   }
@@ -423,6 +441,14 @@
   <h2>Popular buyer questions</h2>
   <p class="section-intro">These are the high-intent guides for buyers who already know the pain and want to understand where ThumbGate fits fast.</p>
   <div class="article-grid">
+    <a href="/guides/database-agent-safety" class="article-card">
+      <h3>Database Safety for AI Agents</h3>
+      <p>Block hallucinated SQL writes, migrations, role grants, and production database changes before an agent can touch live data.</p>
+      <span class="article-tag">Database</span>
+      <span class="article-tag">SQL</span>
+      <span class="article-tag">Production Safety</span>
+    </a>
+
     <a href="/guides/ai-deployment-readiness" class="article-card">
       <h3>AI Deployment Readiness Before Production Rollout</h3>
       <p>Use one priority workflow to map tools, data, controls, pre-action gates, and proof before an AI deployment team ships into production.</p>
@@ -439,6 +465,22 @@
       <span class="article-tag">Recommendation</span>
     </a>
 
+    <a href="/guides/agentic-web-governance" class="article-card">
+      <h3>Agentic Web Governance</h3>
+      <p>Bots already outnumber humans in HTML requests. ThumbGate turns that agentic-web shift into pre-action governance before AI agents touch real systems.</p>
+      <span class="article-tag">Agentic Web</span>
+      <span class="article-tag">AI Search</span>
+      <span class="article-tag">Governance</span>
+    </a>
+
+    <a href="/guides/vllm-serving-guardrails" class="article-card">
+      <h3>vLLM Serving Guardrails</h3>
+      <p>Gate self-hosted inference changes before agents route production work through PagedAttention, batching, prefix-cache, or model-swap optimizations.</p>
+      <span class="article-tag">vLLM</span>
+      <span class="article-tag">LLM Serving</span>
+      <span class="article-tag">Runtime Safety</span>
+    </a>
+
     <a href="/guides/relational-knowledge-ai-recommendations" class="article-card">
       <h3>Relational Knowledge in AI Recommendations</h3>
       <p>How stored brand-to-problem associations shape AI answers, and why ThumbGate should own the pre-action-checks category in those retrieval paths.</p>
@@ -479,6 +521,30 @@
       <span class="article-tag">Enforcement</span>
     </a>
 
+    <a href="/guides/hermes-agent-guardrails" class="article-card">
+      <h3>Hermes Agent Guardrails for Self-Improving Agents</h3>
+      <p>Hermes-style agents bring persistent memory, generated skills, gateways, automations, and sandboxes. ThumbGate adds the pre-action firewall before those agents touch real systems.</p>
+      <span class="article-tag">Hermes Agent</span>
+      <span class="article-tag">Persistent Agents</span>
+      <span class="article-tag">Execution Firewall</span>
+    </a>
+
+    <a href="/guides/safe-self-evolution" class="article-card">
+      <h3>Safe Self-Evolution: Prompt Optimization without Regression</h3>
+      <p>Hermes-style autonomous agents learn by observing failures and rewriting skills. ThumbGate introduces Safe Self-Evolution: weakness mining, automated prompt optimization, verification suites, and atomic git rollbacks.</p>
+      <span class="article-tag">Self-Evolution</span>
+      <span class="article-tag">Harness Optimizer</span>
+      <span class="article-tag">Verification Gate</span>
+    </a>
+
+    <a href="/guides/agent-context-governance" class="article-card">
+      <h3>Agent Context Governance for Long-Running Agents</h3>
+      <p>AdaCoM, tokenmaxxing backlash, Managed Agents, lockdown modes, and model-provenance scares all point to one need: clean context and tool gates before agents act.</p>
+      <span class="article-tag">Context Governance</span>
+      <span class="article-tag">Tool Lockdown</span>
+      <span class="article-tag">Model Provenance</span>
+    </a>
+
     <a href="/guides/roo-code-alternative-cline" class="article-card">
       <h3>Roo Code Alternative: Migrate to Cline Without Losing Agent Memory</h3>
       <p>Use the Roo shutdown window to pitch portable lesson memory and local-first enforcement instead of making operators re-teach the same failures after they switch.</p>
@@ -519,5 +585,6 @@
   </div>
 </div>
 
+<script src="/js/buyer-intent.js"></script>
 </body>
 </html>

package/public/lessons.html

@@ -6,7 +6,7 @@
 <title>ThumbGate — Lessons Learned</title>
 <link rel="icon" type="image/png" href="/thumbgate-icon.png">
 <link rel="apple-touch-icon" href="/assets/brand/thumbgate-mark.svg">
-<script defer data-domain="thumbgate-production.up.railway.app" src="https://plausible.io/js/script.js"></script>
+<script defer data-domain="thumbgate.ai" src="https://plausible.io/js/script.js"></script>
 <script type="application/ld+json">
 {
   "@context": "https://schema.org",
@@ -1184,6 +1184,7 @@ async function submitFeedback() {
   btn.disabled = false; btn.textContent = 'Submit';
 }
 </script>
+<script src="/js/buyer-intent.js"></script>
 
 </body>
 </html>

package/public/numbers.html

@@ -15,7 +15,7 @@
 <link rel="canonical" href="https://thumbgate.ai/numbers">
 <link rel="icon" type="image/png" href="/thumbgate-icon.png">
 <link rel="apple-touch-icon" href="/apple-touch-icon.png">
-<script defer data-domain="thumbgate-production.up.railway.app" src="https://plausible.io/js/script.js"></script>
+<script defer data-domain="thumbgate.ai" src="https://plausible.io/js/script.js"></script>
 
 <script type="application/ld+json">
 {
@@ -25,7 +25,7 @@
   "alternateName": "thumbgate",
   "applicationCategory": "DeveloperApplication",
   "operatingSystem": "Cross-platform, Node.js >=18.18.0",
-  "softwareVersion": "1.27.6",
+  "softwareVersion": "1.27.8",
   "url": "https://thumbgate.ai/numbers",
   "dateModified": "2026-05-07",
   "creator": {
@@ -202,7 +202,7 @@
 <main class="container">
   <h1>The Numbers</h1>
   <p class="subtitle">Generated first-party operational snapshot from the ThumbGate runtime. This is not customer traction, install volume, revenue, or proof that a configured gate has fired.</p>
-  <div class="freshness">Updated: 2026-05-07 · Version 1.27.6</div>
+  <div class="freshness">Updated: 2026-05-07 · Version 1.27.8</div>
   <div class="truth-note"><strong>Read this first:</strong> configured checks are inventory. Recorded blocks and warnings are usage evidence. This snapshot currently reports 0 recorded hard-block event(s) and 0 recorded warning event(s).</div>
 
   <h2>Gate enforcement</h2>

package/public/pricing.html

@@ -16,7 +16,7 @@ __GOOGLE_SITE_VERIFICATION_META__
 <link rel="icon" type="image/png" href="/thumbgate-icon.png">
 <link rel="apple-touch-icon" href="/assets/brand/thumbgate-mark.svg">
 
-<script defer data-domain="thumbgate-production.up.railway.app" src="https://plausible.io/js/script.tagged-events.js"></script>
+<script defer data-domain="thumbgate.ai" src="https://plausible.io/js/script.tagged-events.js"></script>
 __GA_BOOTSTRAP__
 
 <script>
@@ -28,6 +28,57 @@ __GA_BOOTSTRAP__
   const proPriceDollars = Number('__PRO_PRICE_DOLLARS__') || 19;
 </script>
 
+<script>
+  window.thumbgatePricingTelemetry = window.thumbgatePricingTelemetry || {};
+  window.trackPricingTelemetry = function(eventType, data) {
+    const params = new URLSearchParams(window.location.search);
+    const payload = Object.assign({
+      eventType,
+      clientType: 'web',
+      page: '/pricing',
+      source: params.get('utm_source') || 'pricing',
+      utmSource: params.get('utm_source') || 'pricing',
+      utmMedium: params.get('utm_medium') || 'pricing_page',
+      utmCampaign: params.get('utm_campaign') || 'pricing_page',
+      utmContent: params.get('utm_content') || null,
+      utmTerm: params.get('utm_term') || null,
+      traceId: params.get('trace_id') || null,
+      acquisitionId: params.get('acquisition_id') || serverAcquisitionId || null,
+      visitorId: params.get('visitor_id') || serverVisitorId || null,
+      sessionId: params.get('visitor_session_id') || params.get('session_id') || serverSessionId || null,
+      referrer: document.referrer || null,
+      landingPath: '/pricing'
+    }, data || {});
+    const body = JSON.stringify(payload);
+    if (navigator.sendBeacon) {
+      navigator.sendBeacon('/v1/telemetry/ping', new Blob([body], { type: 'application/json' }));
+      return;
+    }
+    fetch('/v1/telemetry/ping', {
+      method: 'POST',
+      headers: { 'content-type': 'application/json' },
+      body,
+      keepalive: true
+    }).catch(function(){});
+  };
+  document.addEventListener('DOMContentLoaded', function() {
+    trackPricingTelemetry('pricing_page_view', { serverTelemetryCaptured });
+    document.querySelectorAll('[data-pricing-cta]').forEach(function(link) {
+      link.addEventListener('click', function() {
+        trackPricingTelemetry('pricing_cta_click', {
+          ctaId: link.getAttribute('data-cta-id') || null,
+          ctaPlacement: link.getAttribute('data-cta-placement') || 'pricing',
+          tier: link.getAttribute('data-tier') || null,
+          planId: link.getAttribute('data-plan-id') || null,
+          billingCycle: link.getAttribute('data-billing-cycle') || null,
+          price: link.getAttribute('data-price') || null,
+          href: link.getAttribute('href') || null
+        });
+      });
+    });
+  });
+</script>
+
 <script type="application/ld+json">
 {
   "@context": "https://schema.org",
@@ -38,8 +89,8 @@ __GA_BOOTSTRAP__
   "url": "__APP_ORIGIN__/pricing",
   "offers": [
     { "@type": "Offer", "name": "ThumbGate CLI (Free)", "price": "0", "priceCurrency": "USD" },
-    { "@type": "Offer", "name": "ThumbGate Pro Monthly", "price": "__PRO_PRICE_DOLLARS__", "priceCurrency": "USD", "url": "__APP_ORIGIN__/checkout/pro?plan_id=pro&billing_cycle=monthly&landing_path=%2Fpricing" },
-    { "@type": "Offer", "name": "ThumbGate Pro Annual", "price": "149", "priceCurrency": "USD", "url": "__APP_ORIGIN__/checkout/pro?plan_id=pro&billing_cycle=annual&landing_path=%2Fpricing" },
+    { "@type": "Offer", "name": "ThumbGate Pro Monthly", "price": "__PRO_PRICE_DOLLARS__", "priceCurrency": "USD", "url": "__APP_ORIGIN__/checkout/pro?confirm=1&plan_id=pro&billing_cycle=monthly&landing_path=%2Fpricing" },
+    { "@type": "Offer", "name": "ThumbGate Pro Annual", "price": "149", "priceCurrency": "USD", "url": "__APP_ORIGIN__/checkout/pro?confirm=1&plan_id=pro&billing_cycle=annual&landing_path=%2Fpricing" },
     { "@type": "Offer", "name": "ThumbGate Enterprise", "priceCurrency": "USD", "url": "__APP_ORIGIN__/#workflow-sprint-intake" }
   ]
 }
@@ -50,7 +101,7 @@ __GA_BOOTSTRAP__
   "@context": "https://schema.org",
   "@type": "FAQPage",
   "mainEntity": [
-    { "@type": "Question", "name": "What does Pro add over the free CLI?", "acceptedAnswer": { "@type": "Answer", "text": "Free gives you 5 captures/day and 3 active rules, running entirely on your machine. Pro is the hosted layer: unlimited captures, unlimited rules, lesson sync across machines, a dashboard without self-hosting, managed adapter updates, and DPO export. You're paying for infrastructure we run, not features we hide." } },
+    { "@type": "Question", "name": "What does Pro add over the free CLI?", "acceptedAnswer": { "@type": "Answer", "text": "Free gives you 2 captures/day and 3 active rules, running entirely on your machine. Pro is the hosted layer: unlimited captures, unlimited rules, lesson sync across machines, a dashboard without self-hosting, managed adapter updates, and DPO export. You're paying for infrastructure we run, not features we hide." } },
     { "@type": "Question", "name": "Does ThumbGate send my code to the cloud?", "acceptedAnswer": { "@type": "Answer", "text": "No. The CLI is local-first — no data leaves your machine. Pro and Enterprise add hosted sync for dashboards and shared lessons, but your source code stays local." } },
     { "@type": "Question", "name": "When should I pick Enterprise over Pro?", "acceptedAnswer": { "@type": "Answer", "text": "When one engineer's correction should protect the whole team. Enterprise shares the lesson database across the org so a fix in one repo prevents the same mistake in every repo." } },
     { "@type": "Question", "name": "Can I cancel anytime?", "acceptedAnswer": { "@type": "Answer", "text": "Yes. Pro and Enterprise are month-to-month with a 7-day refund window on the first charge. Cancel from the billing portal and your subscription ends at the period close." } }
@@ -134,11 +185,9 @@ __GA_BOOTSTRAP__
     padding: 3px 12px; border-radius: 6px;
     font-size: 11px; font-weight: 700; letter-spacing: 0.5px; text-transform: uppercase;
   }
-  .price-card.team-card { border-color: rgba(74, 222, 128, 0.45); box-shadow: inset 0 1px 0 rgba(74, 222, 128, 0.16); }
 
   .tier { font-size: 13px; text-transform: uppercase; letter-spacing: 0.08em; color: var(--text-muted); font-weight: 600; margin-bottom: 8px; }
   .price-card.highlight .tier { color: var(--cyan); }
-  .price-card.team-card .tier { color: var(--green); }
 
   .price { font-size: 40px; font-weight: 700; letter-spacing: -0.03em; margin-bottom: 4px; }
   .price span { font-size: 16px; color: var(--text-dim); }
@@ -147,7 +196,6 @@ __GA_BOOTSTRAP__
   .price-card ul { list-style: none; padding: 0; margin: 0 0 28px; }
   .price-card li { font-size: 14px; color: var(--text-muted); padding: 6px 0; display: flex; align-items: flex-start; gap: 8px; }
   .price-card li::before { content: "\2713"; color: var(--cyan); font-weight: 700; flex-shrink: 0; }
-  .price-card.team-card li::before { color: var(--green); }
 
   /* BUTTONS */
   .btn-install {
@@ -218,7 +266,7 @@ __GA_BOOTSTRAP__
       <a href="/pricing" style="color:var(--text);">Pricing</a>
       <a href="/guide">Guide</a>
       <a href="/dashboard">Dashboard</a>
-      <a class="nav-cta" href="/checkout/pro?utm_source=pricing&utm_medium=nav&utm_campaign=pricing_page&plan_id=pro&landing_path=%2Fpricing">Start Pro</a>
+      <a class="nav-cta" href="/checkout/pro?confirm=1&utm_source=pricing&utm_medium=nav&utm_campaign=pricing_page&cta_id=pricing_nav_start_pro&cta_placement=nav&plan_id=pro&landing_path=%2Fpricing" data-pricing-cta data-cta-id="pricing_nav_start_pro" data-cta-placement="nav" data-tier="pro" data-plan-id="pro" data-billing-cycle="monthly" data-price="19">Start Pro</a>
     </div>
   </div>
 </nav>
@@ -238,13 +286,13 @@ __GA_BOOTSTRAP__
       <div class="price">$0</div>
       <div class="price-sub">Block repeated mistakes daily. Forever free for solo devs.</div>
       <ul>
-        <li>5 feedback captures/day (25 total) — enough to see the value</li>
+        <li>2 feedback captures/day (10 total) — enough to see the value</li>
         <li>Up to 3 active prevention rules</li>
         <li>All MCP integrations (Claude Code, Cursor, Codex, Gemini, Amp)</li>
         <li>PreToolUse hook blocking with built-in safety checks</li>
         <li>Runs 100% local — no account, no signup, no data leaves your machine</li>
       </ul>
-      <a class="btn-install" href="/go/install?utm_source=pricing&utm_medium=free_card" onclick="try{posthog.capture('pricing_cta_click',{cta:'install_free',tier:'free',placement:'pricing_page'})}catch(_){};try{plausible('pricing_cta_click',{props:{cta:'install_free',tier:'free'}})}catch(_){}">Install free</a>
+      <a class="btn-install" href="/go/install?utm_source=pricing&utm_medium=free_card&cta_id=pricing_install_free&cta_placement=free_card" data-pricing-cta data-cta-id="pricing_install_free" data-cta-placement="free_card" data-tier="free" data-plan-id="free" data-price="0" onclick="try{posthog.capture('pricing_cta_click',{cta:'install_free',tier:'free',placement:'pricing_page'})}catch(_){};try{plausible('pricing_cta_click',{props:{cta:'install_free',tier:'free'}})}catch(_){}">Install free</a>
     </div>
 
     <div class="price-card highlight" id="pro">
@@ -262,8 +310,8 @@ __GA_BOOTSTRAP__
         <li><strong>Auto-connect</strong> — new agent surfaces appear automatically after setup</li>
         <li>7-day refund window. Cancel anytime.</li>
       </ul>
-      <a class="btn-pro" href="/checkout/pro?utm_source=pricing&utm_medium=hero_card&utm_campaign=pricing_page&plan_id=pro&landing_path=%2Fpricing" onclick="try{posthog.capture('pricing_cta_click',{cta:'start_pro',tier:'pro',placement:'pricing_page',price:19})}catch(_){};try{plausible('pricing_cta_click',{props:{cta:'start_pro',tier:'pro'}})}catch(_){}">Start Pro — $19/mo</a>
-      <p class="btn-sub">or $149/year (save 35%)</p>
+      <a class="btn-pro" href="/checkout/pro?confirm=1&utm_source=pricing&utm_medium=hero_card&utm_campaign=pricing_page&cta_id=pricing_pro&cta_placement=pricing&plan_id=pro&billing_cycle=monthly&landing_path=%2Fpricing" data-pricing-cta data-cta-id="pricing_pro" data-cta-placement="pricing" data-tier="pro" data-plan-id="pro" data-billing-cycle="monthly" data-price="19" onclick="try{posthog.capture('pricing_cta_click',{cta:'start_pro',tier:'pro',placement:'pricing_page',price:19})}catch(_){};try{plausible('pricing_cta_click',{props:{cta:'start_pro',tier:'pro'}})}catch(_){}">Start Pro — $19/mo</a>
+      <p class="btn-sub">or <a href="/checkout/pro?confirm=1&utm_source=pricing&utm_medium=hero_card_annual&utm_campaign=pricing_page&cta_id=pricing_pro_annual&cta_placement=pricing&plan_id=pro&billing_cycle=annual&landing_path=%2Fpricing" data-pricing-cta data-cta-id="pricing_pro_annual" data-cta-placement="pricing" data-tier="pro" data-plan-id="pro" data-billing-cycle="annual" data-price="149" onclick="try{posthog.capture('pricing_cta_click',{cta:'start_pro_annual',tier:'pro',placement:'pricing_page',price:149})}catch(_){};try{plausible('pricing_cta_click',{props:{cta:'start_pro_annual',tier:'pro'}})}catch(_){}" style="color:var(--cyan);text-decoration:none;font-weight:600;">$149/year (save 35%) →</a></p>
     </div>
 
     <div class="price-card enterprise-card" id="enterprise">
@@ -280,7 +328,7 @@ __GA_BOOTSTRAP__
         <li>Custom policy layers, compliance audit export, approval boundaries, SSO, and dedicated onboarding with SLA</li>
         <li>Rollout starts only after workflow and proof review are explicit</li>
       </ul>
-      <a class="btn-team" href="/?utm_source=pricing&utm_medium=enterprise_card&utm_campaign=enterprise_intake&cta_id=pricing_enterprise_intake&cta_placement=pricing&plan_id=enterprise#workflow-sprint-intake" onclick="try{posthog.capture('pricing_cta_click',{cta:'enterprise_intake',tier:'enterprise',placement:'pricing_page',price:0})}catch(_){};try{plausible('pricing_cta_click',{props:{cta:'enterprise_intake',tier:'enterprise'}})}catch(_){}">Talk to us</a>
+      <a class="btn-team" href="/?utm_source=pricing&utm_medium=enterprise_card&utm_campaign=enterprise_intake&cta_id=pricing_enterprise_intake&cta_placement=pricing&plan_id=enterprise#workflow-sprint-intake" data-pricing-cta data-cta-id="pricing_enterprise_intake" data-cta-placement="pricing" data-tier="enterprise" data-plan-id="enterprise" data-price="0" onclick="try{posthog.capture('pricing_cta_click',{cta:'enterprise_intake',tier:'enterprise',placement:'pricing_page',price:0})}catch(_){};try{plausible('pricing_cta_click',{props:{cta:'enterprise_intake',tier:'enterprise'}})}catch(_){}">Talk to us</a>
       <p class="btn-sub">Custom pricing, scoped through intake so the workflow is explicit before checkout.</p>
     </div>
 
@@ -288,7 +336,7 @@ __GA_BOOTSTRAP__
 
   <div style="text-align:center;margin:32px 0;color:var(--text-muted);font-size:14px;">
     Need founder help? Do not buy a blind diagnostic from a pricing table.
-    <a href="/?utm_source=pricing&utm_medium=scope_first&utm_campaign=enterprise_intake&cta_id=pricing_scope_first&cta_placement=pricing_note&plan_id=enterprise#workflow-sprint-intake" style="color:var(--cyan);text-decoration:none;font-weight:600;" onclick="try{posthog.capture('pricing_cta_click',{cta:'scope_first',tier:'enterprise',price:0})}catch(_){};try{plausible('pricing_cta_click',{props:{cta:'scope_first',tier:'enterprise'}})}catch(_){}">Send the workflow first</a> — then we scope the smallest paid rollout that can prove one repeated failure is blocked.
+    <a href="/?utm_source=pricing&utm_medium=scope_first&utm_campaign=enterprise_intake&cta_id=pricing_scope_first&cta_placement=pricing_note&plan_id=enterprise#workflow-sprint-intake" data-pricing-cta data-cta-id="pricing_scope_first" data-cta-placement="pricing_note" data-tier="enterprise" data-plan-id="enterprise" data-price="0" style="color:var(--cyan);text-decoration:none;font-weight:600;" onclick="try{posthog.capture('pricing_cta_click',{cta:'scope_first',tier:'enterprise',price:0})}catch(_){};try{plausible('pricing_cta_click',{props:{cta:'scope_first',tier:'enterprise'}})}catch(_){}">Send the workflow first</a> — then we scope the smallest paid rollout that can prove one repeated failure is blocked.
   </div>
 </section>
 
@@ -298,7 +346,7 @@ __GA_BOOTSTRAP__
     <div class="faq-list">
       <div class="faq-item">
         <div class="faq-q">What does Pro add over the free CLI?</div>
-        <div class="faq-a">Free gives you 5 captures/day and 3 active rules, running entirely on your machine. Pro is the hosted layer: unlimited captures, unlimited rules, lesson sync across machines, a dashboard without self-hosting, managed adapter updates, and DPO export. You're paying for infrastructure we run, not features we hide.</div>
+        <div class="faq-a">Free gives you 2 captures/day and 3 active rules, running entirely on your machine. Pro is the hosted layer: unlimited captures, unlimited rules, lesson sync across machines, a dashboard without self-hosting, managed adapter updates, and DPO export. You're paying for infrastructure we run, not features we hide.</div>
       </div>
       <div class="faq-item">
         <div class="faq-q">Why not just use an enterprise AI control plane?</div>

package/public/pro.html

@@ -16,7 +16,7 @@ __GOOGLE_SITE_VERIFICATION_META__
 <link rel="apple-touch-icon" href="/assets/brand/thumbgate-mark.svg">
 <meta property="og:image" content="/og.png">
 
-<script defer data-domain="thumbgate-production.up.railway.app" src="https://plausible.io/js/script.js"></script>
+<script defer data-domain="thumbgate.ai" src="https://plausible.io/js/script.js"></script>
 __GA_BOOTSTRAP__
 
 <script>
@@ -37,7 +37,7 @@ __GA_BOOTSTRAP__
 <script type="application/ld+json">
 {
   "@context": "https://schema.org",
-  "@type": "FAQPage", "mainEntity": [{ "@type": "Question", "name": "How is Pro different from the free install?", "acceptedAnswer": { "@type": "Answer", "text": "Free keeps local recall, checks, and MCP. Pro adds the personal dashboard, DPO export, auto-connect, and founder support." } }, { "@type": "Question", "name": "Does Pro require a cloud account?", "acceptedAnswer": { "@type": "Answer", "text": "No. Pro stays local-first; Team is the hosted rollout lane for shared lessons, org visibility, and reviews." } }, { "@type": "Question", "name": "What happens after checkout?", "acceptedAnswer": { "@type": "Answer", "text": "You activate Pro, connect the local dashboard, and inspect blocked actions, lessons, and exports." } }, { "@type": "Question", "name": "When should I choose Team instead of Pro?", "acceptedAnswer": { "@type": "Answer", "text": "Choose Team when one correction needs to protect multiple developers or agents across shared repositories." } }]
+  "@type": "FAQPage", "mainEntity": [{ "@type": "Question", "name": "How is Pro different from the free install?", "acceptedAnswer": { "@type": "Answer", "text": "Free keeps local recall, checks, and MCP. Pro adds the personal dashboard, DPO export, auto-connect, and founder support." } }, { "@type": "Question", "name": "Does Pro require a cloud account?", "acceptedAnswer": { "@type": "Answer", "text": "No. Pro stays local-first; Enterprise is the hosted rollout lane for shared lessons, org visibility, and reviews." } }, { "@type": "Question", "name": "What happens after checkout?", "acceptedAnswer": { "@type": "Answer", "text": "You activate Pro, connect the local dashboard, and inspect blocked actions, lessons, and exports." } }, { "@type": "Question", "name": "When should I choose Enterprise instead of Pro?", "acceptedAnswer": { "@type": "Answer", "text": "Choose Enterprise when one correction needs to protect multiple developers or agents across shared repositories." } }]
 }
 </script>
 
@@ -731,7 +731,7 @@ __GA_BOOTSTRAP__
       <h1>Buy the operator loop that proves your AI agent stopped repeating the mistake.</h1>
       <p style="font-size:13px;opacity:0.8;margin-bottom:0.5rem;">Updated: <time datetime="2026-04-20">2026-04-20</time> · by <a href="https://github.com/IgorGanapolsky" style="color:inherit;">Igor Ganapolsky</a></p>
       <p>ThumbGate Pro is for one operator who already hit a repeated AI-agent failure and now needs proof: what was blocked, why it was blocked, and what changed before the next risky run.</p>
-      <p>Start Pro when you want the local dashboard, DPO export, and a single proof lane for the repeated mistake you need to stop. Team diagnostics and custom services are handled through intake, not this buyer path.</p>
+      <p>Start Pro when you want the local dashboard, DPO export, and a single proof lane for the repeated mistake you need to stop. Enterprise diagnostics and custom services are handled through intake, not this buyer path.</p>
       <div class="hero-proof">
         <div class="proof-pill">Personal local dashboard</div>
         <div class="proof-pill">DPO export from real corrections</div>
@@ -951,15 +951,15 @@ __GA_BOOTSTRAP__
       </div>
       <div class="faq-item">
         <button class="faq-q" type="button" onclick="toggleFaq(this)" onkeydown="handleFaqKeydown(event)" aria-expanded="false">Does Pro require a cloud account?</button>
-        <div class="faq-a">No. Pro is still local-first for the individual operator lane. Team is the hosted rollout lane for shared lessons, org visibility, and hosted review views.</div>
+        <div class="faq-a">No. Pro is still local-first for the individual operator lane. Enterprise is the hosted rollout lane for shared lessons, org visibility, and hosted review views.</div>
       </div>
       <div class="faq-item">
         <button class="faq-q" type="button" onclick="toggleFaq(this)" onkeydown="handleFaqKeydown(event)" aria-expanded="false">What happens after checkout?</button>
         <div class="faq-a">You activate Pro, connect the personal local dashboard, and your running agents can appear automatically so you can inspect blocked actions, active lessons, and exportable DPO pairs without adding a separate cloud dashboard dependency.</div>
       </div>
       <div class="faq-item">
-        <button class="faq-q" type="button" onclick="toggleFaq(this)" onkeydown="handleFaqKeydown(event)" aria-expanded="false">When should I choose Team instead of Pro?</button>
-        <div class="faq-a">Choose Team when one thumbs-down should protect multiple people or agents across shared repositories, or when you need shared hosted lessons, org dashboard visibility, and a workflow hardening pilot with rollout review views.</div>
+        <button class="faq-q" type="button" onclick="toggleFaq(this)" onkeydown="handleFaqKeydown(event)" aria-expanded="false">When should I choose Enterprise instead of Pro?</button>
+        <div class="faq-a">Choose Enterprise when one thumbs-down should protect multiple people or agents across shared repositories, or when you need shared hosted lessons, org dashboard visibility, and a workflow hardening pilot with rollout review views.</div>
       </div>
     </div>
   </div>
@@ -987,7 +987,7 @@ __GA_BOOTSTRAP__
       <a href="__VERIFICATION_URL__" target="_blank" rel="noopener">Verification Evidence</a>
       <a href="https://github.com/IgorGanapolsky/ThumbGate" target="_blank" rel="noopener">GitHub</a>
     </div>
-    <div class="footer-copy">ThumbGate Pro for individual operators. Team stays intake-first.</div>
+    <div class="footer-copy">ThumbGate Pro for individual operators. Enterprise stays intake-first.</div>
   </div>
 </footer>
 

package/scripts/activation-quickstart.js

@@ -0,0 +1,187 @@
+'use strict';
+
+// ---------------------------------------------------------------------------
+// Activation: guided first prevention rule + a live demonstrated block.
+//
+// ~98.5% of `init` users never promote their first rule, so they never see
+// "ThumbGate just blocked a repeat mistake" — the aha moment that drives
+// activation (and, downstream, conversion). `quickstart` walks a new user
+// through capturing one real example, promoting it to a block rule, and then
+// firing that rule against the exact action so they watch it get blocked.
+//
+// SAFETY: this is additive and lives in its own module. `init` is untouched.
+// The interactive flow ONLY runs in a real TTY. Non-interactive / piped / CI
+// invocations print a one-line hint and exit 0 without prompting or hanging.
+// ---------------------------------------------------------------------------
+
+const path = require('node:path');
+
+const PKG_ROOT = path.join(__dirname, '..');
+const PRO_URL = 'https://thumbgate.ai';
+
+// Turn a free-text mistake description into a safe, literal gate pattern. We
+// escape regex metacharacters so arbitrary user input can never produce an
+// invalid or runaway regex inside the gates engine.
+function escapeRegex(text) {
+  return String(text).replace(/[.*+?^${}()|[\]\\]/g, String.raw`\$&`);
+}
+
+function pkgVersion() {
+  try {
+    return require(path.join(PKG_ROOT, 'package.json')).version;
+  } catch {
+    // Version is cosmetic in the banner; fall back if package.json is unreadable.
+    return '0.0.0';
+  }
+}
+
+// Core, dependency-injected activation flow so it is testable without a real
+// TTY. Callers provide ask() (returns a Promise<string>), out() (line writer),
+// and isTTY. Returns a structured result describing what was promoted/blocked.
+//
+// Optional injectables (deps) keep the test hermetic and let the CLI pass the
+// real modules:
+//   deps.forcePromote(pattern, action) -> { gateId, totalGates }
+//   deps.runGate(input) -> Promise<rawJsonString>
+//   deps.captureFeedback(params)
+//   deps.trackEvent(name, props)
+async function runActivationFlow({ ask, out, isTTY, deps = {} }) {
+  // Hard safety gate: never prompt or hang in non-interactive contexts.
+  if (!isTTY) {
+    out('thumbgate quickstart is an interactive walkthrough — run it in a terminal.');
+    out('Non-interactive setup: npx thumbgate init   (or: npx thumbgate quick-start)');
+    return { interactive: false, promoted: false, blocked: false };
+  }
+
+  const forcePromote = deps.forcePromote
+    || require(path.join(PKG_ROOT, 'scripts', 'auto-promote-gates')).forcePromote;
+  const runGate = deps.runGate
+    || ((input) => require(path.join(PKG_ROOT, 'scripts', 'gates-engine')).runAsync(input));
+  let captureFeedback = deps.captureFeedback;
+  if (captureFeedback === undefined) {
+    try {
+      ({ captureFeedback } = require(path.join(PKG_ROOT, 'scripts', 'feedback-loop')));
+    } catch {
+      // Feedback capture is a nice-to-have here; the rule + block is the aha.
+      captureFeedback = null;
+    }
+  }
+  const trackEvent = deps.trackEvent || (() => {});
+
+  out('');
+  out(`thumbgate quickstart v${pkgVersion()}`);
+  out('');
+  out("Let's set up your first prevention rule and watch it block a repeat mistake.");
+  out('');
+  out('Think of one thing an AI agent did that you never want it to do again.');
+  out('Examples: "git push --force to main", "rm -rf node_modules", "edit .env directly".');
+  out('');
+
+  let mistake = String(await ask('The mistake to block: ') || '').trim();
+  if (!mistake) {
+    mistake = 'git push --force to main';
+    out(`(using a starter example: ${mistake})`);
+  }
+
+  // 1. Capture it as a real thumbs-down example (best-effort).
+  if (typeof captureFeedback === 'function') {
+    try {
+      captureFeedback({
+        signal: 'down',
+        context: mistake,
+        whatWentWrong: mistake,
+        whatToChange: `Block this action: ${mistake}`,
+        tags: 'quickstart,activation,first-rule',
+        gateAction: 'block',
+      });
+    } catch {
+      // Capture failure should not abort the activation aha.
+    }
+  }
+
+  // 2. Promote it into a hard block rule using the existing primitive.
+  const pattern = escapeRegex(mistake);
+  const promotion = forcePromote(pattern, 'block');
+  out('');
+  out(`  Rule promoted: ${promotion.gateId} [block]`);
+  out(`  Active rules now: ${promotion.totalGates}`);
+
+  // 3. Demonstrate the block. Force strict enforcement for the demo so the
+  //    user's brand-new rule hard-blocks (default posture is warn-by-default).
+  //    We restore the prior value so we never mutate the user's environment.
+  const priorStrict = process.env.THUMBGATE_STRICT_ENFORCEMENT;
+  process.env.THUMBGATE_STRICT_ENFORCEMENT = '1';
+  let verdict;
+  try {
+    const demoInput = { tool_name: 'Bash', tool_input: { command: mistake } };
+    const raw = await runGate(demoInput);
+    verdict = JSON.parse(raw);
+  } finally {
+    if (priorStrict === undefined) delete process.env.THUMBGATE_STRICT_ENFORCEMENT;
+    else process.env.THUMBGATE_STRICT_ENFORCEMENT = priorStrict;
+  }
+
+  const decision = verdict?.decision
+    || verdict?.hookSpecificOutput?.permissionDecision;
+  const blocked = decision === 'block' || decision === 'deny';
+
+  out('');
+  if (blocked) {
+    out('  | ThumbGate just blocked it.');
+    out(`  | Action attempted: ${mistake}`);
+    out('  | Verdict: BLOCKED — the agent cannot repeat this mistake.');
+  } else {
+    // Even in warn posture the action is flagged + logged. Be honest about it.
+    out('  | ThumbGate flagged it.');
+    out(`  | Action attempted: ${mistake}`);
+    out('  | Verdict: flagged and logged. Set THUMBGATE_STRICT_ENFORCEMENT=1 to hard-block.');
+  }
+
+  // 4. Tie the value the user just saw to what Pro keeps working.
+  out('');
+  out('  That rule lives in this project. Pro keeps your rules — and the mistakes');
+  out('  you teach it — synced across every machine and agent runtime you work in,');
+  out(`  so the block you just saw follows your whole team. ${PRO_URL}/pricing`);
+  out('');
+
+  try { trackEvent('cli_quickstart_activated', { command: 'quickstart', blocked }); } catch { /* telemetry best-effort */ }
+
+  return {
+    interactive: true,
+    promoted: true,
+    blocked,
+    gateId: promotion.gateId,
+    pattern,
+    mistake,
+    verdict,
+  };
+}
+
+// CLI entrypoint: wires runActivationFlow to a real readline prompt + stdout.
+function quickstart() {
+  const isTTY = Boolean(process.stdout.isTTY && process.stdin.isTTY);
+  const out = (line = '') => console.log(line);
+
+  const trackEvent = (() => {
+    try { return require(path.join(PKG_ROOT, 'scripts', 'cli-telemetry')).trackEvent; } catch { return () => {}; }
+  })();
+
+  if (!isTTY) {
+    // Mirror the non-interactive branch without opening readline (which would
+    // otherwise keep the process alive waiting for input that never comes).
+    return runActivationFlow({ ask: async () => '', out, isTTY: false, deps: { trackEvent } });
+  }
+
+  const readline = require('node:readline');
+  const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
+  const ask = (q) => new Promise((resolve) => rl.question(q, resolve));
+
+  return runActivationFlow({ ask, out, isTTY: true, deps: { trackEvent } })
+    .catch((err) => {
+      console.error(`quickstart error: ${err?.message ?? err}`);
+      process.exitCode = 1;
+    })
+    .finally(() => rl.close());
+}
+
+module.exports = { runActivationFlow, quickstart, escapeRegex };