thumbgate 1.27.7 → 1.27.9

package/.well-known/llms.txt

@@ -64,11 +64,10 @@ npx thumbgate init --agent claude-code
 - Agent discovery: https://thumbgate.ai/.well-known/mcp.json
 - Progressive tool index: https://thumbgate.ai/.well-known/mcp/tools.json
 - Context footprint report: https://thumbgate.ai/.well-known/mcp/footprint.json
-- Headroom context compression guardrails: https://thumbgate.ai/guides/headroom-context-compression-guardrails
-- Sovereign coding model guardrails: https://thumbgate.ai/guides/sovereign-coding-model-guardrails
 - Agentic web governance: https://thumbgate.ai/guides/agentic-web-governance
 - AI Mode ads and agent governance: https://thumbgate.ai/guides/ai-mode-ads-agent-governance
 - MCP tool governance: https://thumbgate.ai/guides/mcp-tool-governance
+- Policy engines need pre-action gates: https://thumbgate.ai/guides/policy-engine-pre-action-gates
 - AI agent pre-action approval gates: https://thumbgate.ai/guides/ai-agent-pre-action-approval-gates
 - Agent skills: https://thumbgate.ai/.well-known/mcp/skills.json
 - MCP applications: https://thumbgate.ai/.well-known/mcp/applications.json

package/README.md

@@ -384,8 +384,6 @@ npx thumbgate model-candidates --workload=dashboard-analysis --provider=openai -
 npx thumbgate native-messaging-audit  # inspect local browser bridges and extension hosts
 npx thumbgate dashboard --open                                  # open local project-scoped dashboard in browser
 thumbgate-dashboard                                             # standalone browser dashboard shortcut (run '/project:thumbgate-dashboard' in Claude/Grok)
-npx thumbgate check-update                                      # check if a new version is available on npm/GitHub
-npx thumbgate self-update                                       # update ThumbGate to the latest version globally
 npx thumbgate serve      # start MCP server on stdio
 npx thumbgate bench      # run reliability benchmark
 npx thumbgate bench --programbench-smoke  # include cleanroom whole-repo proof lane

package/bin/cli.js

@@ -2188,26 +2188,6 @@ function pulse() {
   });
 }
 
-function checkUpdateCmd() {
-  const { checkUpdate } = require(path.join(PKG_ROOT, 'scripts', 'check-update'));
-  const args = parseArgs(process.argv.slice(3));
-  checkUpdate({ verbose: !args.json, force: args.force }).then((res) => {
-    if (args.json) {
-      console.log(JSON.stringify(res, null, 2));
-    }
-    process.exit(0);
-  }).catch((err) => {
-    console.error(err && err.message ? err.message : err);
-    process.exit(1);
-  });
-}
-
-function selfUpdateCmd() {
-  const { selfUpdate } = require(path.join(PKG_ROOT, 'scripts', 'check-update'));
-  const success = selfUpdate();
-  process.exit(success ? 0 : 1);
-}
-
 function dispatchBrief() {
   const args = parseArgs(process.argv.slice(3));
   const {
@@ -3171,7 +3151,6 @@ const SUBCOMMAND_HELP = {
   lessons:       'Usage: npx thumbgate lessons [--query="..."] [--limit=N]\n\nSearch the lesson database (Pro feature).',
   search:        'Usage: npx thumbgate search <query>\n\nSearch ThumbGate knowledge base (Pro feature).',
   'gate-check':  'Usage: npx thumbgate gate-check\n\nPreToolUse hook interface: reads tool call JSON from stdin, outputs gate verdict.',
-  'hermes-gate': 'Usage: npx thumbgate hermes-gate\n\nNous Research Hermes Agent pre_tool_call shell hook: reads Hermes tool-call JSON from stdin, runs the ThumbGate gate pipeline (strict by default), and outputs {"decision":"block","reason":...} to veto or {} to allow. Gates terminal/patch/skill_manage etc. See adapters/hermes/config.yaml.',
   'break-glass': 'Usage: npx thumbgate break-glass --reason="why" [--ttl=5m] [--json]\n\nShort-lived recovery path for over-firing gates. Allows hook settings edits and satisfies PR-create/thread-check gates without disabling core destructive-action protections.',
   serve:         'Usage: npx thumbgate serve\n\nStart the MCP stdio server. This is for agent runtimes, not the local HTTP dashboard.',
   mcp:           'Usage: npx thumbgate mcp\n\nAlias for `thumbgate serve`.',
@@ -3189,6 +3168,11 @@ const SUBCOMMAND_HELP = {
   'ai-inventory': 'Usage: npx thumbgate ai-inventory [--root <dir>] [--format=summary|json|cyclonedx] [--output <path>] [--max-files=N]\n\nScan source/manifests/model artifacts for AI, ML, agent-framework, vector DB, Vertex, Gemini, and Dialogflow CX components. Use --format=cyclonedx to produce exportable ML-BOM evidence for enterprise reviews.',
   brain: 'Usage: npx thumbgate brain [--write] [--json] [--limit=N]\n\nBuild the agent-readable "context brain" — a single artifact consolidating this\nrepo\'s lessons, prevention rules, active gates, and project context for a coding\nagent to read BEFORE acting. --write saves it to .thumbgate/BRAIN.md (versioned,\ndeterministic). --json emits the structured model. --limit caps lessons (default 15).',
   'team-sync': 'Usage: npx thumbgate team-sync\n\nSynchronize prevention rules and context brain with your team\'s git repository (git pull --rebase & git push), then auto-rebuild the local brain.',
+  dream: 'Usage: npx thumbgate dream [--min=N] [--feedback-dir=DIR] [--json]\n\nConsolidate raw history and lessons ("Silicon Dreaming"), merge duplicates, promote recurring failures to gates, and rebuild prevention rules + BRAIN.md.',
+  consolidate: 'Usage: npx thumbgate consolidate\n\nAlias for npx thumbgate dream.',
+  triage: 'Usage: npx thumbgate triage [--schedule="daily 9:00"] [--json]\n\nRun git updates, test verification, and memory consolidation, or schedule it on a cron.',
+  hygiene: 'Usage: npx thumbgate hygiene\n\nAlias for npx thumbgate triage.',
+  community: 'Usage: npx thumbgate community query <error> | share <rule-id>\n\nQuery or share verified prevention rules with the community knowledge registry.',
 };
 
 if (_wantsHelp && COMMAND && SUBCOMMAND_HELP[COMMAND]) {
@@ -3291,6 +3275,31 @@ function renderBrainMarkdown(model) {
   return out.join('\n');
 }
 
+function autoWireInstructionFile(fileName) {
+  const filePath = path.join(CWD, fileName);
+  if (!fs.existsSync(filePath)) return;
+  try {
+    let content = fs.readFileSync(filePath, 'utf8');
+    const blockStart = '<!-- ThumbGate -->';
+    const blockEnd = '<!-- End ThumbGate -->';
+    const block = `${blockStart}\nIMPORTANT: Read .thumbgate/BRAIN.md first for lessons, prevention rules, and active gates in this repo.\n${blockEnd}\n`;
+
+    if (content.includes(blockStart)) {
+      const startIdx = content.indexOf(blockStart);
+      const endIdx = content.indexOf(blockEnd);
+      if (endIdx !== -1) {
+        content = content.slice(0, startIdx) + block + content.slice(endIdx + blockEnd.length).replace(/^\n+/, '');
+      }
+    } else {
+      content = block + '\n' + content;
+    }
+    fs.writeFileSync(filePath, content);
+    console.error(`   Auto-wired agent pointer into ${fileName}`);
+  } catch (err) {
+    console.warn(`⚠️  Failed to auto-wire agent pointer in ${fileName}: ${err.message}`);
+  }
+}
+
 function cmdBrain(args = {}) {
   const model = buildBrainModel({ limit: args.limit });
   if (args.json) { console.log(JSON.stringify(model, null, 2)); return 0; }
@@ -3310,14 +3319,120 @@ function cmdBrain(args = {}) {
     const lt = (model.lessons && model.lessons.total) || 0;
     const rt = (model.rules && model.rules.total) || 0;
     const gt = (model.gates && model.gates.total) || 0;
-    console.log(`\u{1f9e0} Wrote context brain to .thumbgate/BRAIN.md (${lt} lessons · ${rt} rules · ${gt} gates).`);
-    console.log('   Point your agent at it: add "Read .thumbgate/BRAIN.md first" to CLAUDE.md / AGENTS.md.');
+    console.error(`\u{1f9e0} Wrote context brain to .thumbgate/BRAIN.md (${lt} lessons · ${rt} rules · ${gt} gates).`);
+    
+    // Auto-inject pointer block into CLAUDE.md / AGENTS.md
+    autoWireInstructionFile('CLAUDE.md');
+    autoWireInstructionFile('AGENTS.md');
+    
     return 0;
   }
   process.stdout.write(md);
   return 0;
 }
 
+function brain() {
+  const args = parseArgs(process.argv.slice(3));
+  const subcommand = process.argv.slice(3).find((arg) => !arg.startsWith('--')) || 'status';
+  const {
+    buildContextPack,
+    checkNeverDo,
+    cleanupReport,
+    ensureBrain,
+    formatContextPack,
+    recordMemory,
+    refreshNeverDoGates,
+  } = require(path.join(PKG_ROOT, 'scripts', 'brain'));
+
+  if (subcommand === 'init' || subcommand === 'status') {
+    const result = ensureBrain(CWD);
+    const gates = refreshNeverDoGates(CWD);
+    const payload = { ...result, gateCount: gates.gateCount };
+    if (args.json) {
+      console.log(JSON.stringify(payload, null, 2));
+      return;
+    }
+    console.log('ThumbGate brain');
+    console.log('='.repeat(15));
+    console.log(`Brain dir : ${path.relative(CWD, result.brainDir)}`);
+    console.log(`Created   : ${result.created.length}`);
+    console.log(`Soul files: ${result.soulFiles.length}`);
+    console.log(`Memory dirs: ${result.memoryDirs.length}`);
+    console.log(`Never-do gates: ${gates.gateCount}`);
+    return;
+  }
+
+  if (subcommand === 'context') {
+    const task = args.task || process.argv.slice(4).find((arg) => !arg.startsWith('--')) || '';
+    const pack = buildContextPack(CWD, { task });
+    if (args.json) {
+      console.log(JSON.stringify(pack, null, 2));
+      return;
+    }
+    process.stdout.write(formatContextPack(pack));
+    return;
+  }
+
+  if (subcommand === 'remember') {
+    const title = args.title || process.argv.slice(4).find((arg) => !arg.startsWith('--')) || '';
+    const result = recordMemory(CWD, {
+      type: args.type,
+      title,
+      content: args.content || title,
+      reason: args.reason,
+      source: args.source,
+      tags: args.tags,
+      date: args.date,
+    });
+    if (args.json) {
+      console.log(JSON.stringify(result, null, 2));
+      return;
+    }
+    if (!result.ok) {
+      console.error(result.error);
+      process.exit(1);
+    }
+    console.log(`Stored brain memory: ${result.path}`);
+    return;
+  }
+
+  if (subcommand === 'check') {
+    const text = args.text || args.action || readStdinText();
+    const result = checkNeverDo(CWD, { text });
+    if (args.json) {
+      console.log(JSON.stringify(result, null, 2));
+      if (!result.ok) process.exit(2);
+      return;
+    }
+    console.log(`ThumbGate brain decision: ${result.decision.toUpperCase()}`);
+    for (const rule of result.blocked) console.log(`- ${rule.text}`);
+    if (!result.ok) process.exit(2);
+    return;
+  }
+
+  if (subcommand === 'cleanup') {
+    const report = cleanupReport(CWD, args);
+    if (args.json) {
+      console.log(JSON.stringify(report, null, 2));
+      return;
+    }
+    console.log('ThumbGate brain cleanup report');
+    console.log('='.repeat(31));
+    console.log(`Memory files: ${report.total}`);
+    console.log(`Unsourced   : ${report.unsourced.length}`);
+    console.log(`Stale       : ${report.stale.length}`);
+    console.log(`Duplicates  : ${report.duplicates.length}`);
+    if (report.unsourced.length) {
+      console.log('\nUnsourced files:');
+      for (const filePath of report.unsourced) console.log(`- ${filePath}`);
+    }
+    return;
+  }
+
+  console.error('Usage: npx thumbgate brain init|context|remember|check|cleanup [--json]');
+  process.exit(1);
+}
+
 async function teamSync() {
   const { execSync } = require('child_process');
 
@@ -3496,6 +3611,127 @@ switch (COMMAND) {
     }
     break;
   }
+  case 'dream':
+  case 'consolidate': {
+    const args = parseArgs(process.argv.slice(3));
+    const { dream } = require(path.join(PKG_ROOT, 'scripts', 'dream-consolidation'));
+    dream({
+      pkgRoot: PKG_ROOT,
+      feedbackDir: args['feedback-dir'] || args.feedbackDir || CWD,
+      rulesPath: args.output || path.join(CWD, '.thumbgate', 'prevention-rules.md'),
+      minOccurrences: args.min || 2,
+    }).then(async (result) => {
+      try {
+        await cmdBrain({ write: true });
+      } catch (brainErr) {
+        console.warn(`⚠️  Failed to rebuild context brain: ${brainErr.message}`);
+      }
+      if (args.json) {
+        console.log(JSON.stringify(result, null, 2));
+      } else {
+        console.log(`✨ [Dreaming] Consolidation complete! Merged ${result.consolidated} duplicate(s) into ${result.lessonsCount} lessons.`);
+      }
+      process.exit(0);
+    }).catch((err) => {
+      console.error('❌ Error during memory consolidation:', err && err.message ? err.message : err);
+      process.exit(1);
+    });
+    break;
+  }
+  case 'triage':
+  case 'hygiene': {
+    const args = parseArgs(process.argv.slice(3));
+    const { runTriageLoop } = require(path.join(PKG_ROOT, 'scripts', 'triage-loop'));
+    
+    if (args.schedule) {
+      const { createSchedule } = require(path.join(PKG_ROOT, 'scripts', 'schedule-manager'));
+      const scheduleResult = createSchedule({
+        id: 'thumbgate-triage-hygiene',
+        name: 'ThumbGate Triage & Hygiene Loop',
+        description: 'Run autonomous git checks, test suite verification, and Silicon Dreaming memory consolidation.',
+        schedule: args.schedule,
+        command: `const { runTriageLoop } = require('${path.join(PKG_ROOT, 'scripts', 'triage-loop')}'); runTriageLoop({ cwd: '${CWD}', pkgRoot: '${PKG_ROOT}' }).catch(console.error);`,
+        workingDirectory: CWD,
+      });
+      if (args.json) {
+        console.log(JSON.stringify(scheduleResult, null, 2));
+      } else {
+        if (scheduleResult.success) {
+          console.log(`✅ [Triage] Scheduled triage hygiene loop: ${scheduleResult.message}`);
+        } else {
+          console.error(`❌ [Triage] Failed to schedule: ${scheduleResult.error}`);
+          process.exit(1);
+        }
+      }
+      break;
+    }
+
+    runTriageLoop({
+      cwd: CWD,
+      pkgRoot: PKG_ROOT,
+    }).then(async (result) => {
+      try {
+        await cmdBrain({ write: true });
+      } catch (brainErr) {
+        console.warn(`⚠️  Failed to rebuild context brain: ${brainErr.message}`);
+      }
+      if (args.json) {
+        console.log(JSON.stringify(result, null, 2));
+      } else {
+        console.log(result.log);
+      }
+      process.exit(0);
+    }).catch((err) => {
+      console.error('❌ Error during triage loop execution:', err && err.message ? err.message : err);
+      process.exit(1);
+    });
+    break;
+  }
+  case 'community': {
+    const args = parseArgs(process.argv.slice(3));
+    const sub = process.argv.slice(3).find((arg) => !arg.startsWith('--'));
+    const { queryCommunity, shareRule } = require(path.join(PKG_ROOT, 'scripts', 'community-knowledge'));
+
+    if (sub === 'query') {
+      const queryIdx = process.argv.indexOf('query');
+      const queryText = process.argv.slice(queryIdx + 1).filter(arg => !arg.startsWith('--')).join(' ');
+      const result = queryCommunity(queryText, { remote: args.remote });
+      if (args.json) {
+        console.log(JSON.stringify(result, null, 2));
+      } else {
+        console.log(`🔍 Found ${result.resultsCount} community rule(s) matching "${result.query}":`);
+        for (const r of result.results) {
+          console.log(`\n- [${r.id}] ${r.rule}`);
+          console.log(`  Remedy:      ${r.remedy}`);
+          console.log(`  Explanation: ${r.explanation}`);
+        }
+      }
+      process.exit(0);
+    } else if (sub === 'share') {
+      const shareIdx = process.argv.indexOf('share');
+      const ruleId = process.argv.slice(shareIdx + 1).find(arg => !arg.startsWith('--'));
+      if (!ruleId) {
+        console.error('❌ Error: rule ID is required for share subcommand.');
+        process.exit(1);
+      }
+      const result = shareRule(ruleId, { feedbackDir: CWD });
+      if (args.json) {
+        console.log(JSON.stringify(result, null, 2));
+      } else {
+        if (result.ok) {
+          console.log(`✨ Successfully shared rule "${ruleId}" to community registry.`);
+        } else {
+          console.error(`❌ Failed to share rule: ${result.error}`);
+          process.exit(1);
+        }
+      }
+      process.exit(0);
+    } else {
+      console.error('Usage: npx thumbgate community query <error> | share <rule-id> [--json]');
+      process.exit(1);
+    }
+    break;
+  }
   case 'billing:setup':
     require(path.join(PKG_ROOT, 'scripts', 'billing-setup'));
     break;
@@ -3863,14 +4099,6 @@ switch (COMMAND) {
   case 'pulse':
     pulse();
     break;
-  case 'check-update':
-  case 'upgrade-check':
-    checkUpdateCmd();
-    break;
-  case 'self-update':
-  case 'upgrade-cli':
-    selfUpdateCmd();
-    break;
   case 'dispatch':
   case 'dispatch-brief':
     dispatchBrief();
@@ -3896,53 +4124,6 @@ switch (COMMAND) {
     });
     break;
   }
-  case 'hermes-gate': {
-    // Nous Research Hermes Agent `pre_tool_call` shell hook.
-    // Hermes pipes each pending tool call as JSON to stdin and reads a decision from stdout;
-    // {"decision":"block","reason":...} vetoes the call. We reuse the SAME gate pipeline as
-    // `gate-check` (runAsync → secret guard, security scan, force-push / skill_manage / learned
-    // prevention rules) and translate the verdict into Hermes's format.
-    //
-    // Hermes `pre_tool_call` is binary (block or allow) with no warn channel, and the whole point
-    // of wiring it is to gate, so we run STRICT enforcement by default — otherwise ThumbGate's
-    // warn-by-default posture would pass every deny through and the hook would block nothing.
-    // Opt out with THUMBGATE_HERMES_WARN_ONLY=1; THUMBGATE_HOTFIX_BYPASS=1 still disables checks.
-    // Wire it in ~/.hermes/config.yaml — see adapters/hermes/config.yaml.
-    if (process.env.THUMBGATE_HERMES_WARN_ONLY !== '1' && process.env.THUMBGATE_HOTFIX_BYPASS !== '1') {
-      process.env.THUMBGATE_STRICT_ENFORCEMENT = '1';
-    }
-    const { runAsync: hermesGateRun } = require(path.join(PKG_ROOT, 'scripts', 'gates-engine'));
-    let hermesStdin = '';
-    process.stdin.setEncoding('utf8');
-    process.stdin.on('data', (chunk) => { hermesStdin += chunk; });
-    process.stdin.on('end', async () => {
-      try {
-        const payload = JSON.parse(hermesStdin);
-        // Hermes sends snake_case tool_name/tool_input — gates-engine reads these directly.
-        const verdict = await hermesGateRun({ tool_name: payload.tool_name, tool_input: payload.tool_input });
-        let parsed = {};
-        try { parsed = JSON.parse(verdict); } catch (_e) { parsed = {}; }
-        const hso = parsed.hookSpecificOutput || {};
-        if (hso.permissionDecision === 'deny') {
-          process.stdout.write(JSON.stringify({
-            decision: 'block',
-            reason: hso.permissionDecisionReason || 'Blocked by ThumbGate prevention rule.',
-          }) + '\n');
-        } else {
-          // warn / no match → allow. The gate engine already logged the decision.
-          process.stdout.write(JSON.stringify({}) + '\n');
-        }
-        process.exit(0);
-      } catch (err) {
-        // Hermes hooks fail OPEN on error/timeout — emit an explicit allow so a gate fault
-        // never wedges the agent (reliability ≈ enforcement; keep this fast).
-        process.stderr.write(`hermes-gate error: ${err.message}\n`);
-        process.stdout.write(JSON.stringify({}) + '\n');
-        process.exit(0);
-      }
-    });
-    break;
-  }
   case 'gate-stats':
     gateStats();
     break;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "thumbgate",
-  "version": "1.27.7",
+  "version": "1.27.9",
   "description": "ThumbGate self-improving agent governance: thumbs-up/down turns every mistake into a prevention rule and blocks repeat patterns. 36 pre-action checks, budget enforcement, and self-protection for Claude Code, Cursor, Codex, Gemini CLI, and Amp.",
   "homepage": "https://thumbgate.ai",
   "repository": {
@@ -106,7 +106,6 @@
     "scripts/harness-selector.js",
     "scripts/hf-papers.js",
     "scripts/hook-runtime.js",
-    "scripts/hook-stop-anti-claim.js",
     "scripts/hook-thumbgate-cache-updater.js",
     "scripts/hosted-config.js",
     "scripts/hybrid-feedback-context.js",
@@ -171,6 +170,7 @@
     "scripts/rag-precision-guardrails.js",
     "scripts/rate-limiter.js",
     "scripts/reasoning-efficiency-guardrails.js",
+    "scripts/reddit-browser-notification-watch.js",
     "scripts/repeat-metric.js",
     "scripts/reward-hacking-guardrails.js",
     "scripts/risk-scorer.js",
@@ -244,9 +244,6 @@
     "adapters/letta/README.md",
     "adapters/letta/thumbgate-letta-adapter.js",
     "adapters/gcp/dfcx-webhook-gate.js",
-    "adapters/policy-engine/README.md",
-    "adapters/policy-engine/ethicore-guardian-client.js",
-    "adapters/policy-engine/thumbgate-policy-engine-adapter.js",
     "adapters/mcp/server-stdio.js",
     "adapters/opencode/opencode.json",
     "bench/programbench-smoke.json",
@@ -267,11 +264,14 @@
     "public/chatgpt-app.html",
     "public/codex-plugin.html",
     "public/compare.html",
+    "public/compare/",
     "public/dashboard.html",
     "public/federal.html",
     "public/guide.html",
+    "public/guides/",
     "public/index.html",
     "public/learn.html",
+    "public/learn/",
     "public/lessons.html",
     "public/numbers.html",
     "public/pricing.html",
@@ -366,6 +366,8 @@
     "trace:eval": "node scripts/decision-trace.js eval",
     "social:reply-monitor": "node scripts/social-reply-monitor.js",
     "social:reply-monitor:dry": "node scripts/social-reply-monitor.js --dry-run",
+    "social:reply-monitor:reddit-browser": "node scripts/reddit-browser-notification-watch.js",
+    "social:reply-monitor:reddit-browser:dry": "node scripts/reddit-browser-notification-watch.js --dry-run",
     "social:reply-monitor:install-reddit": "node scripts/reddit-monitor-launchd.js install",
     "social:reply-monitor:bluesky": "node scripts/social-reply-monitor-bluesky.js",
     "social:reply-monitor:bluesky:dry": "node scripts/social-reply-monitor-bluesky.js --dry-run",
@@ -374,10 +376,9 @@
     "social:prospect:bluesky": "node scripts/social-bluesky-prospecting.js",
     "social:prospect:bluesky:dry": "node scripts/social-bluesky-prospecting.js --dry-run",
     "social:reply-publish:bluesky:dry": "node scripts/social-reply-monitor-bluesky.js --publish-approved --dry-run",
-    "test": "npm run test:python && npm run test:schema && npm run test:loop && npm run test:dpo && npm run test:kto && npm run test:api && npm run test:proof && npm run test:e2e && npm run test:rlaif && npm run test:attribution && npm run test:quality && npm run test:intelligence && npm run test:training-export && npm run test:deployment && npm run test:operational-integrity && npm run test:workflow && npm run test:billing && npm run test:cli && npm run test:watcher && npm run test:autoresearch && npm run test:ops && npm run test:session-analyzer && npm run test:tessl && npm run test:gates && npm run test:evoskill && npm run test:gates-hardening && npm run test:workers && npm run test:social-analytics && npm run test:memalign && npm run test:xmemory-lite && npm run test:filesystem-search && npm run test:zernio && npm run test:platform-limits && npm run test:post-video && npm run test:post-everywhere-instagram && npm run test:post-everywhere-channels && npm run test:post-everywhere-zernio-default && npm run test:zernio-canonical-pollers && npm run test:zernio-status && npm run test:obsidian-export && npm run test:lesson-db && npm run test:lesson-rotation && npm run test:memory-dedup && npm run test:feedback-quality && npm run test:sync-version && npm run test:check-congruence && npm run test:tool-registry && npm run test:repeat-metric && npm run test:noop-detect && npm run test:action-receipts && npm run test:feedback-to-rules && npm run test:memory-firewall && npm run test:memory-scope-readiness && npm run test:belief-update && npm run test:hosted-config && npm run test:operational-summary && npm run test:operational-dashboard && npm run test:operator-artifacts && npm run test:operator-key-auth && npm run test:cloudflare-sandbox && npm run test:mcp-config && npm run test:mcp-tool-annotations && npm run test:mcp-oauth && npm run test:mcp-oauth-flow && npm run test:plan-gate && npm run test:ai-component-inventory && npm run test:pulse && npm run test:semantic-layer && npm run test:data-pipeline && npm run test:optimize-context && npm run test:principle-extractor && npm run test:analytics-window && npm run test:funnel-analytics && npm run test:experiment-tracker && npm run test:build-metadata && npm run test:context-engine && npm run test:hf-papers && npm run test:marketing-experiment && npm run test:seo-gsd && npm run test:verify-run && npm run test:export-dpo-pairs && npm run test:export-hf-dataset && npm run test:license && npm run test:bot-detector && npm run test:audit-pr-bot-contamination && npm run test:stripe-bootstrap-saas-catalog && npm run test:postinstall && npm run test:funnel-invariants && npm run test:cli-telemetry && npm run test:pro-parity && npm run test:model-tier-router && npm run test:computer-use-firewall && npm run test:skill-exporter && npm run test:statusline && npm run test:statusline-cache-aggregate && npm run test:public-repo-hygiene && npm run test:no-internal-orchestration-leaks && npm run test:evolution && npm run test:org-dashboard && npm run test:multi-hop-recall && npm run test:synthetic-dpo && npm run test:thumbgate-skill && npm run test:learn-hub && npm run test:feedback-fallback && npm run test:metaclaw && npm run test:server-lock && npm run test:control-tower && npm run test:pii-scanner && npm run test:data-governance && npm run test:lesson-inference && npm run test:semantic-dedup && npm run test:fs-utils && npm run test:cli-schema && npm run test:explore && npm run test:lesson-reranker && npm run test:lesson-retrieval && npm run test:lesson-semantic-retrieval && npm run test:cross-encoder && npm run test:reflector-agent && npm run test:feedback-session && npm run test:feedback-history-distiller && npm run test:hallucination-detector && npm run test:history-distiller && npm run test:predictive-insights && npm run test:predictive-credible-range && npm run test:prove-predictive-insights && npm run test:statusbar-cli && npm run test:generate-instagram-card && npm run test:instagram-thumbgate-post && npm run test:publish-instagram-thumbgate && npm run test:lesson-synthesis && npm run test:lesson-canonical && npm run test:background-governance && npm run test:memory-migration && npm run test:prompt-dlp && npm run test:ephemeral-store && npm run test:agent-security && npm run test:skill-progressive && npm run test:per-step-scoring && npm run test:weekly-auto-post && npm run test:social-post-hourly && npm run test:social-quality-gate && npm run test:a2ui-engine && npm run test:gate-satisfy && npm run test:money-watcher && npm run test:budget && npm run test:quick-start && npm run test:utm && npm run test:product-feedback && npm run test:feedback-root-consolidator && npm run test:engagement-audit && npm run test:install-growth-automation && npm run test:publish-thumbgate-launch && npm run test:reconcile-thumbgate-campaign && npm run test:reddit-publisher && npm run test:schedule-thumbgate-campaign && npm run test:social-reply-monitor && npm run test:social-dedupe-cleanup && npm run test:sync-launch-assets && npm run test:ai-search-visibility && npm run test:perplexity && npm run test:security-scanner && npm run test:llm-client && npm run test:managed-lesson-agent && npm run test:self-distill && npm run test:meta-agent && npm run test:harness-selector && npm run test:thumbgate-bench && npm run test:seo-guides && npm run test:enforcement-loop && npm run test:cli-agent-experience && npm run test:bot-detection && npm run test:checkout-archived-product-guard && npm run test:postgres-guard && npm run test:checkout-bot-guard && npm run test:checkout-pro-confirmation-gate && npm run test:pricing-page-telemetry && npm run test:session-health && npm run test:session-episodes && npm run test:spec-gate && npm run test:decision-trace && npm run test:dashboard-insights && npm run test:telemetry-tracked-link-slug && npm run test:prompt-eval && npm run test:gate-coherence && npm run test:gate-eval && npm run test:high-roi && npm run test:public-static-assets && npm run test:token-savings && npm run test:numbers-page && npm run test:workflow-gate-checkpoint && npm run test:lesson-export-import && npm run test:landing-page-claims && npm run test:competitive-positioning-marketing && npm run test:medium-weekly && npm run test:dashboard-deeplink-e2e && npm run test:public-package-parity && npm run test:token-savings-dashboard && npm run test:cursor-wiring && npm run test:pretooluse-injection && npm run test:recent-corrective-context && npm run test:durability-step && npm run test:mailer && npm run test:brand-assets && npm run test:enforcement-teeth && npm run test:bayes-optimal-gate && npm run test:swarm-coordinator && npm run test:session-report && npm run test:agent-reasoning-traces && npm run test:judge-reward && npm run test:llm-behavior-monitor && npm run test:prompting-os && npm run test:single-use-credential-gate && npm run test:structured-prompt-driven && npm run test:require-evidence-gate && npm run test:rule-validator && npm run test:bluesky-atproto && npm run test:social-reply-monitor-bluesky && npm run test:bluesky-delete-replies && npm run test:architect-kit-memory-bridge && npm run test:sonar-review-hotspots && npm run test:actionable-remediations && npm run test:gemini-embedding-policy && npm run test:agent-design-governance && npm run test:public-core-boundary && npm run test:hook-stop-verify-deploy && npm run test:hook-stop-anti-claim && npm run test:plausible-server-events && npm run test:activation-tracker && npm run test:activation-onboarding && npm run test:unified-revenue-rollup && npm run test:conversion-rate-stats && npm run test:external-customer-audit && npm run test:telemetry-export && npm run test:stripe-checkout-diagnostic && npm run test:stripe-business-identity-probe && npm run test:revenue-observability-doctor && npm run test:public-bundle-ratchet && npm run test:stripe-payment-link-update && npm run test:ci-cd-hygiene-audit && npm run test:verify-marketing-pages-deployed && npm run test:install-email-capture && npm run test:install-shim && npm run test:hook-runtime-subcommands && npm run test:implementation-notes && npm run test:daily-block-cap && npm run test:free-to-paid-conversion-units && npm run test:metrics-real-endpoint && npm run test:cli-trial-and-help && npm run test:cost-cli && npm run test:silent-failure-cluster && npm run test:proof:truth && node --test tests/adaptive-reliability.test.js && npm run test:mcp-oauth-reviewer && npm run test:dfcx-gate && npm run test:dfcx-gate-server && npm run test:vertex-scorer && npm run test:dashboard-chat && npm run test:gitar-integration && npm run test:secret-redaction && npm run test:discoverable-skills && npm run test:discoverable-skill-skills && npm run test:sync-telemetry && npm run test:leak-scanner && npm run test:team-sync && npm run test:eval-rag && npm run test:async-eval-observability && npm run test:letta-adapter && npm run test:tool-contract-validator && npm run test:check-update",
+    "test": "npm run test:brain && npm run test:python && npm run test:schema && npm run test:loop && npm run test:dpo && npm run test:kto && npm run test:api && npm run test:proof && npm run test:e2e && npm run test:rlaif && npm run test:attribution && npm run test:quality && npm run test:intelligence && npm run test:training-export && npm run test:deployment && npm run test:operational-integrity && npm run test:workflow && npm run test:billing && npm run test:cli && npm run test:watcher && npm run test:autoresearch && npm run test:ops && npm run test:session-analyzer && npm run test:tessl && npm run test:gates && npm run test:evoskill && npm run test:gates-hardening && npm run test:workers && npm run test:social-analytics && npm run test:memalign && npm run test:xmemory-lite && npm run test:filesystem-search && npm run test:zernio && npm run test:platform-limits && npm run test:post-video && npm run test:post-everywhere-instagram && npm run test:post-everywhere-channels && npm run test:post-everywhere-zernio-default && npm run test:zernio-canonical-pollers && npm run test:zernio-status && npm run test:obsidian-export && npm run test:lesson-db && npm run test:lesson-rotation && npm run test:memory-dedup && npm run test:feedback-quality && npm run test:sync-version && npm run test:check-congruence && npm run test:tool-registry && npm run test:repeat-metric && npm run test:noop-detect && npm run test:action-receipts && npm run test:feedback-to-rules && npm run test:memory-firewall && npm run test:memory-scope-readiness && npm run test:belief-update && npm run test:hosted-config && npm run test:operational-summary && npm run test:operational-dashboard && npm run test:operator-artifacts && npm run test:operator-key-auth && npm run test:cloudflare-sandbox && npm run test:mcp-config && npm run test:mcp-tool-annotations && npm run test:mcp-oauth && npm run test:mcp-oauth-flow && npm run test:plan-gate && npm run test:ai-component-inventory && npm run test:pulse && npm run test:semantic-layer && npm run test:data-pipeline && npm run test:optimize-context && npm run test:principle-extractor && npm run test:analytics-window && npm run test:funnel-analytics && npm run test:experiment-tracker && npm run test:build-metadata && npm run test:context-engine && npm run test:hf-papers && npm run test:marketing-experiment && npm run test:seo-gsd && npm run test:verify-run && npm run test:export-dpo-pairs && npm run test:export-hf-dataset && npm run test:license && npm run test:bot-detector && npm run test:audit-pr-bot-contamination && npm run test:stripe-bootstrap-saas-catalog && npm run test:postinstall && npm run test:funnel-invariants && npm run test:cli-telemetry && npm run test:pro-parity && npm run test:model-tier-router && npm run test:computer-use-firewall && npm run test:skill-exporter && npm run test:statusline && npm run test:statusline-cache-aggregate && npm run test:public-repo-hygiene && npm run test:no-internal-orchestration-leaks && npm run test:evolution && npm run test:org-dashboard && npm run test:multi-hop-recall && npm run test:synthetic-dpo && npm run test:thumbgate-skill && npm run test:learn-hub && npm run test:feedback-fallback && npm run test:metaclaw && npm run test:server-lock && npm run test:control-tower && npm run test:pii-scanner && npm run test:data-governance && npm run test:lesson-inference && npm run test:semantic-dedup && npm run test:fs-utils && npm run test:cli-schema && npm run test:explore && npm run test:lesson-reranker && npm run test:lesson-retrieval && npm run test:lesson-semantic-retrieval && npm run test:cross-encoder && npm run test:reflector-agent && npm run test:feedback-session && npm run test:feedback-history-distiller && npm run test:hallucination-detector && npm run test:history-distiller && npm run test:predictive-insights && npm run test:predictive-credible-range && npm run test:prove-predictive-insights && npm run test:statusbar-cli && npm run test:generate-instagram-card && npm run test:instagram-thumbgate-post && npm run test:publish-instagram-thumbgate && npm run test:lesson-synthesis && npm run test:lesson-canonical && npm run test:background-governance && npm run test:memory-migration && npm run test:prompt-dlp && npm run test:ephemeral-store && npm run test:agent-security && npm run test:skill-progressive && npm run test:per-step-scoring && npm run test:weekly-auto-post && npm run test:social-post-hourly && npm run test:social-quality-gate && npm run test:a2ui-engine && npm run test:gate-satisfy && npm run test:money-watcher && npm run test:budget && npm run test:quick-start && npm run test:utm && npm run test:product-feedback && npm run test:feedback-root-consolidator && npm run test:engagement-audit && npm run test:install-growth-automation && npm run test:publish-thumbgate-launch && npm run test:reconcile-thumbgate-campaign && npm run test:reddit-publisher && npm run test:schedule-thumbgate-campaign && npm run test:social-reply-monitor && npm run test:social-dedupe-cleanup && npm run test:sync-launch-assets && npm run test:ai-search-visibility && npm run test:perplexity && npm run test:security-scanner && npm run test:llm-client && npm run test:managed-lesson-agent && npm run test:self-distill && npm run test:meta-agent && npm run test:harness-selector && npm run test:thumbgate-bench && npm run test:seo-guides && npm run test:enforcement-loop && npm run test:cli-agent-experience && npm run test:bot-detection && npm run test:checkout-archived-product-guard && npm run test:postgres-guard && npm run test:checkout-bot-guard && npm run test:checkout-pro-confirmation-gate && npm run test:pricing-page-telemetry && npm run test:session-health && npm run test:session-episodes && npm run test:spec-gate && npm run test:decision-trace && npm run test:dashboard-insights && npm run test:telemetry-tracked-link-slug && npm run test:prompt-eval && npm run test:gate-coherence && npm run test:gate-eval && npm run test:high-roi && npm run test:public-static-assets && npm run test:token-savings && npm run test:numbers-page && npm run test:workflow-gate-checkpoint && npm run test:lesson-export-import && npm run test:landing-page-claims && npm run test:competitive-positioning-marketing && npm run test:medium-weekly && npm run test:dashboard-deeplink-e2e && npm run test:public-package-parity && npm run test:token-savings-dashboard && npm run test:cursor-wiring && npm run test:pretooluse-injection && npm run test:recent-corrective-context && npm run test:durability-step && npm run test:mailer && npm run test:brand-assets && npm run test:enforcement-teeth && npm run test:bayes-optimal-gate && npm run test:swarm-coordinator && npm run test:session-report && npm run test:agent-reasoning-traces && npm run test:judge-reward && npm run test:llm-behavior-monitor && npm run test:prompting-os && npm run test:single-use-credential-gate && npm run test:structured-prompt-driven && npm run test:require-evidence-gate && npm run test:rule-validator && npm run test:bluesky-atproto && npm run test:social-reply-monitor-bluesky && npm run test:bluesky-delete-replies && npm run test:architect-kit-memory-bridge && npm run test:sonar-review-hotspots && npm run test:actionable-remediations && npm run test:gemini-embedding-policy && npm run test:agent-design-governance && npm run test:public-core-boundary && npm run test:hook-stop-verify-deploy && npm run test:hook-stop-anti-claim && npm run test:plausible-server-events && npm run test:activation-tracker && npm run test:activation-onboarding && npm run test:unified-revenue-rollup && npm run test:conversion-rate-stats && npm run test:external-customer-audit && npm run test:telemetry-export && npm run test:stripe-checkout-diagnostic && npm run test:stripe-business-identity-probe && npm run test:revenue-observability-doctor && npm run test:public-bundle-ratchet && npm run test:stripe-payment-link-update && npm run test:ci-cd-hygiene-audit && npm run test:verify-marketing-pages-deployed && npm run test:install-email-capture && npm run test:install-shim && npm run test:hook-runtime-subcommands && npm run test:implementation-notes && npm run test:daily-block-cap && npm run test:free-to-paid-conversion-units && npm run test:metrics-real-endpoint && npm run test:cli-trial-and-help && npm run test:cost-cli && npm run test:silent-failure-cluster && npm run test:proof:truth && node --test tests/adaptive-reliability.test.js && npm run test:mcp-oauth-reviewer && npm run test:dfcx-gate && npm run test:dfcx-gate-server && npm run test:vertex-scorer && npm run test:dashboard-chat && npm run test:gitar-integration && npm run test:secret-redaction && npm run test:discoverable-skills && npm run test:discoverable-skill-skills && npm run test:sync-telemetry && npm run test:leak-scanner && npm run test:team-sync && npm run test:eval-rag && npm run test:async-eval-observability && npm run test:letta-adapter && npm run test:tool-contract-validator && npm run test:policy-engine-adapter",
+    "test:brain": "node --test tests/brain.test.js",
     "test:python": "python3 -m pytest tests/*.py",
-    "test:check-update": "node --test tests/check-update.test.js",
-    "test": "npm run test:python && npm run test:schema && npm run test:loop && npm run test:dpo && npm run test:kto && npm run test:api && npm run test:proof && npm run test:e2e && npm run test:rlaif && npm run test:attribution && npm run test:quality && npm run test:intelligence && npm run test:training-export && npm run test:deployment && npm run test:operational-integrity && npm run test:workflow && npm run test:billing && npm run test:cli && npm run test:watcher && npm run test:autoresearch && npm run test:ops && npm run test:session-analyzer && npm run test:tessl && npm run test:gates && npm run test:evoskill && npm run test:gates-hardening && npm run test:workers && npm run test:social-analytics && npm run test:memalign && npm run test:xmemory-lite && npm run test:filesystem-search && npm run test:zernio && npm run test:platform-limits && npm run test:post-video && npm run test:post-everywhere-instagram && npm run test:post-everywhere-channels && npm run test:post-everywhere-zernio-default && npm run test:zernio-canonical-pollers && npm run test:zernio-status && npm run test:obsidian-export && npm run test:lesson-db && npm run test:lesson-rotation && npm run test:memory-dedup && npm run test:feedback-quality && npm run test:sync-version && npm run test:check-congruence && npm run test:tool-registry && npm run test:repeat-metric && npm run test:noop-detect && npm run test:action-receipts && npm run test:feedback-to-rules && npm run test:memory-firewall && npm run test:memory-scope-readiness && npm run test:belief-update && npm run test:hosted-config && npm run test:operational-summary && npm run test:operational-dashboard && npm run test:operator-artifacts && npm run test:operator-key-auth && npm run test:cloudflare-sandbox && npm run test:mcp-config && npm run test:mcp-tool-annotations && npm run test:mcp-oauth && npm run test:mcp-oauth-flow && npm run test:plan-gate && npm run test:ai-component-inventory && npm run test:pulse && npm run test:semantic-layer && npm run test:data-pipeline && npm run test:optimize-context && npm run test:principle-extractor && npm run test:analytics-window && npm run test:funnel-analytics && npm run test:experiment-tracker && npm run test:build-metadata && npm run test:context-engine && npm run test:hf-papers && npm run test:marketing-experiment && npm run test:seo-gsd && npm run test:verify-run && npm run test:export-dpo-pairs && npm run test:export-hf-dataset && npm run test:license && npm run test:bot-detector && npm run test:audit-pr-bot-contamination && npm run test:stripe-bootstrap-saas-catalog && npm run test:postinstall && npm run test:funnel-invariants && npm run test:cli-telemetry && npm run test:pro-parity && npm run test:model-tier-router && npm run test:computer-use-firewall && npm run test:skill-exporter && npm run test:statusline && npm run test:statusline-cache-aggregate && npm run test:public-repo-hygiene && npm run test:no-internal-orchestration-leaks && npm run test:evolution && npm run test:org-dashboard && npm run test:multi-hop-recall && npm run test:synthetic-dpo && npm run test:thumbgate-skill && npm run test:learn-hub && npm run test:feedback-fallback && npm run test:metaclaw && npm run test:server-lock && npm run test:control-tower && npm run test:pii-scanner && npm run test:data-governance && npm run test:lesson-inference && npm run test:semantic-dedup && npm run test:fs-utils && npm run test:cli-schema && npm run test:explore && npm run test:lesson-reranker && npm run test:lesson-retrieval && npm run test:lesson-semantic-retrieval && npm run test:cross-encoder && npm run test:reflector-agent && npm run test:feedback-session && npm run test:feedback-history-distiller && npm run test:hallucination-detector && npm run test:history-distiller && npm run test:predictive-insights && npm run test:predictive-credible-range && npm run test:prove-predictive-insights && npm run test:statusbar-cli && npm run test:generate-instagram-card && npm run test:instagram-thumbgate-post && npm run test:publish-instagram-thumbgate && npm run test:lesson-synthesis && npm run test:lesson-canonical && npm run test:background-governance && npm run test:memory-migration && npm run test:prompt-dlp && npm run test:ephemeral-store && npm run test:agent-security && npm run test:skill-progressive && npm run test:per-step-scoring && npm run test:weekly-auto-post && npm run test:social-post-hourly && npm run test:social-quality-gate && npm run test:a2ui-engine && npm run test:gate-satisfy && npm run test:money-watcher && npm run test:budget && npm run test:quick-start && npm run test:utm && npm run test:product-feedback && npm run test:feedback-root-consolidator && npm run test:engagement-audit && npm run test:install-growth-automation && npm run test:publish-thumbgate-launch && npm run test:reconcile-thumbgate-campaign && npm run test:reddit-publisher && npm run test:schedule-thumbgate-campaign && npm run test:social-reply-monitor && npm run test:social-dedupe-cleanup && npm run test:sync-launch-assets && npm run test:ai-search-visibility && npm run test:perplexity && npm run test:security-scanner && npm run test:llm-client && npm run test:managed-lesson-agent && npm run test:self-distill && npm run test:meta-agent && npm run test:harness-selector && npm run test:thumbgate-bench && npm run test:seo-guides && npm run test:enforcement-loop && npm run test:cli-agent-experience && npm run test:bot-detection && npm run test:checkout-archived-product-guard && npm run test:postgres-guard && npm run test:checkout-bot-guard && npm run test:checkout-pro-confirmation-gate && npm run test:pricing-page-telemetry && npm run test:session-health && npm run test:session-episodes && npm run test:spec-gate && npm run test:decision-trace && npm run test:dashboard-insights && npm run test:telemetry-tracked-link-slug && npm run test:prompt-eval && npm run test:gate-coherence && npm run test:gate-eval && npm run test:high-roi && npm run test:public-static-assets && npm run test:token-savings && npm run test:numbers-page && npm run test:workflow-gate-checkpoint && npm run test:lesson-export-import && npm run test:landing-page-claims && npm run test:competitive-positioning-marketing && npm run test:medium-weekly && npm run test:dashboard-deeplink-e2e && npm run test:public-package-parity && npm run test:token-savings-dashboard && npm run test:cursor-wiring && npm run test:pretooluse-injection && npm run test:recent-corrective-context && npm run test:durability-step && npm run test:mailer && npm run test:brand-assets && npm run test:enforcement-teeth && npm run test:bayes-optimal-gate && npm run test:swarm-coordinator && npm run test:session-report && npm run test:agent-reasoning-traces && npm run test:judge-reward && npm run test:llm-behavior-monitor && npm run test:prompting-os && npm run test:single-use-credential-gate && npm run test:structured-prompt-driven && npm run test:require-evidence-gate && npm run test:rule-validator && npm run test:bluesky-atproto && npm run test:social-reply-monitor-bluesky && npm run test:bluesky-delete-replies && npm run test:architect-kit-memory-bridge && npm run test:sonar-review-hotspots && npm run test:actionable-remediations && npm run test:gemini-embedding-policy && npm run test:agent-design-governance && npm run test:public-core-boundary && npm run test:hook-stop-verify-deploy && npm run test:hook-stop-anti-claim && npm run test:plausible-server-events && npm run test:activation-tracker && npm run test:activation-onboarding && npm run test:unified-revenue-rollup && npm run test:conversion-rate-stats && npm run test:external-customer-audit && npm run test:telemetry-export && npm run test:stripe-checkout-diagnostic && npm run test:stripe-business-identity-probe && npm run test:revenue-observability-doctor && npm run test:public-bundle-ratchet && npm run test:stripe-payment-link-update && npm run test:ci-cd-hygiene-audit && npm run test:verify-marketing-pages-deployed && npm run test:install-email-capture && npm run test:install-shim && npm run test:hook-runtime-subcommands && npm run test:implementation-notes && npm run test:daily-block-cap && npm run test:free-to-paid-conversion-units && npm run test:metrics-real-endpoint && npm run test:cli-trial-and-help && npm run test:cost-cli && npm run test:silent-failure-cluster && npm run test:proof:truth && node --test tests/adaptive-reliability.test.js && npm run test:mcp-oauth-reviewer && npm run test:dfcx-gate && npm run test:dfcx-gate-server && npm run test:vertex-scorer && npm run test:dashboard-chat && npm run test:gitar-integration && npm run test:secret-redaction && npm run test:discoverable-skills && npm run test:discoverable-skill-skills && npm run test:sync-telemetry && npm run test:leak-scanner && npm run test:team-sync && npm run test:eval-rag && npm run test:async-eval-observability && npm run test:letta-adapter && npm run test:tool-contract-validator && npm run test:check-update && npm run test:hermes-gate",
     "test:hook-stop-verify-deploy": "node --test tests/hook-stop-verify-deploy.test.js",
     "test:hook-stop-anti-claim": "node --test tests/hook-stop-anti-claim.test.js",
     "test:plausible-server-events": "node --test tests/plausible-server-events.test.js tests/plausible-poller.test.js tests/plausible-domain-config.test.js",
@@ -453,6 +454,7 @@
     "test:memory-scope-readiness": "node --test tests/memory-scope-readiness.test.js",
     "test:belief-update": "node --test tests/belief-update.test.js",
     "test:hosted-config": "node --test tests/hosted-config.test.js",
+    "test:policy-engine-adapter": "node --test tests/policy-engine-adapter.test.js",
     "test:operational-summary": "node --test tests/operational-summary.test.js",
     "test:operational-dashboard": "node --test tests/operational-dashboard.test.js",
     "test:operator-artifacts": "node --test tests/operator-artifacts.test.js tests/revenue-pack-utils.test.js",
@@ -476,7 +478,6 @@
     "test:hf-papers": "node --test tests/hf-papers.test.js",
     "test:marketing-experiment": "node --test tests/marketing-experiment.test.js",
     "test:seo-gsd": "node --test tests/seo-gsd.test.js",
-    "test:hermes-gate": "node --test tests/hermes-gate.test.js",
     "test:verify-run": "node --test tests/verify-run.test.js",
     "test:export-dpo-pairs": "node --test tests/export-dpo-pairs.test.js",
     "test:secret-redaction": "node --test tests/secret-redaction.test.js",
@@ -503,7 +504,7 @@
     "test:operational-integrity": "node --test tests/operational-integrity.test.js tests/sync-branch-protection.test.js",
     "test:workflow": "node --test tests/parallel-workflow.test.js tests/workflow-contract.test.js tests/positioning-contract.test.js tests/docs-claim-hygiene.test.js tests/thumbgate-scope.test.js tests/workflow-runs.test.js tests/workflow-sprint-intake.test.js tests/revenue-pack-utils.test.js tests/sales-pipeline.test.js tests/github-outreach.test.js tests/enterprise-story.test.js tests/guide-conversion-path.test.js tests/buyer-intent-revenue-assist.test.js",
     "test:sales-pipeline": "node --test tests/sales-pipeline.test.js",
-    "test:billing": "node --test tests/billing.test.js tests/stripe-sync-product-images.test.js",
+    "test:billing": "node --test tests/billing.test.js tests/stripe-sync-product-images.test.js tests/payment-rails.test.js",
     "test:cli": "node --test tests/analytics-report.test.js tests/agent-design-governance.test.js tests/codex-self-heal.test.js tests/creator-campaigns.test.js tests/cli.test.js tests/codex-bridge-script.test.js tests/dependabot-changeset.test.js tests/dispatch-brief.test.js tests/feedback-normalize.test.js tests/install-mcp.test.js tests/install-scope-docs.test.js tests/pr-manager.test.js tests/pro-local-dashboard.test.js tests/published-cli.test.js tests/revenue-status.test.js tests/stripe-live-status.test.js tests/creator-dev-and-prune.test.js",
     "test:evolution": "node --test tests/workspace-evolver.test.js",
     "test:watcher": "node --test tests/jsonl-watcher.test.js",
@@ -822,16 +823,9 @@
     "stripe": "^22.2.0"
   },
   "overrides": {
-    "@google/genai": {
-      "protobufjs": "7.6.4"
-    },
-    "onnxruntime-web": {
-      "protobufjs": "7.6.4"
-    },
     "express@4.22.1": {
       "path-to-regexp": "0.1.13"
-    },
-    "js-yaml": "4.2.0"
+    }
   },
   "mcpName": "io.github.IgorGanapolsky/thumbgate",
   "devDependencies": {

package/public/blog.html

@@ -34,6 +34,12 @@
         "url": "https://thumbgate.ai/blog",
         "publisher": { "@type": "Organization", "name": "ThumbGate" },
         "blogPost": [
+          {
+            "@type": "BlogPosting",
+            "headline": "Databricks validates runtime AI governance. The next layer is pre-action enforcement.",
+            "datePublished": "2026-06-20",
+            "keywords": "Databricks Unity AI Gateway, runtime AI governance, MCP governance, pre-action enforcement, ThumbGate"
+          },
           {
             "@type": "BlogPosting",
             "headline": "Your AI agent is a supply chain attack surface. Here's how to gate it.",
@@ -172,6 +178,30 @@
     </header>
 
     <div class="container">
+      <article class="post">
+        <div class="post-date">June 20, 2026</div>
+        <h2>Databricks validates runtime AI governance. The next layer is pre-action enforcement.</h2>
+
+        <p>
+          Databricks Unity AI Gateway is a strong market signal: enterprise AI
+          governance is moving from static policy into runtime interactions
+          across models, agents, MCP services, tools, guardrails, observability,
+          and cost controls.
+        </p>
+        <p>
+          That is exactly where ThumbGate should live in the buyer conversation:
+          not as a Databricks replacement, but as the local pre-action gate that
+          stops the developer agent before it calls shell, browser, file, API,
+          MCP, or deploy tools.
+        </p>
+        <p>
+          Dashboards and budgets warn you. Gates stop the action.
+        </p>
+        <p>
+          <a href="/learn/databricks-unity-ai-gateway-runtime-governance" class="cta">Read the runtime governance breakdown</a>
+        </p>
+      </article>
+
       <article class="post">
         <div class="post-date">April 10, 2026</div>
         <h2>Your AI agent is a supply chain attack surface. Here's how to gate it.</h2>