thumbgate 1.27.8 → 1.27.10

package/public/learn.html

@@ -115,6 +115,18 @@
       {
         "@type": "ListItem",
         "position": 13,
+        "url": "https://thumbgate.ai/learn/anthropomorphic-claim-gates",
+        "name": "Anthropomorphic Claim Gates for AI Agents"
+      },
+      {
+        "@type": "ListItem",
+        "position": 14,
+        "url": "https://thumbgate.ai/learn/agent-identity-connector-governance",
+        "name": "Agent Identity and Connector Governance"
+      },
+      {
+        "@type": "ListItem",
+        "position": 15,
         "url": "https://thumbgate.ai/learn/pretix-stripe-connect-marketplaces",
         "name": "Building a Pretix + Stripe Connect Plugin for Live-Music Venues"
       },
@@ -145,54 +157,42 @@
       {
         "@type": "ListItem",
         "position": 10,
-        "url": "https://thumbgate.ai/guides/hermes-agent-guardrails",
-        "name": "Hermes Agent Guardrails for Self-Improving Agents"
-      },
-      {
-        "@type": "ListItem",
-        "position": 11,
-        "url": "https://thumbgate.ai/guides/agent-context-governance",
-        "name": "Agent Context Governance for Long-Running Agents"
-      },
-      {
-        "@type": "ListItem",
-        "position": 12,
         "url": "https://thumbgate.ai/guides/roo-code-alternative-cline",
         "name": "Roo Code Alternative: Migrating to Cline with Portable Lesson Memory"
       },
       {
         "@type": "ListItem",
-        "position": 13,
+        "position": 11,
         "url": "https://thumbgate.ai/guides/browser-automation-safety",
         "name": "Browser Automation Safety for AI Agents"
       },
       {
         "@type": "ListItem",
-        "position": 14,
+        "position": 12,
         "url": "https://thumbgate.ai/guides/native-messaging-host-security",
         "name": "Native Messaging Host Security"
       },
       {
         "@type": "ListItem",
-        "position": 15,
+        "position": 13,
         "url": "https://thumbgate.ai/guides/ai-search-topical-presence",
         "name": "AI Search Topical Presence"
       },
       {
         "@type": "ListItem",
-        "position": 16,
+        "position": 14,
         "url": "https://thumbgate.ai/guides/relational-knowledge-ai-recommendations",
         "name": "Relational Knowledge in AI Recommendations"
       },
       {
         "@type": "ListItem",
-        "position": 17,
+        "position": 15,
         "url": "https://thumbgate.ai/guides/ai-deployment-readiness",
         "name": "AI Deployment Readiness Before Production Rollout"
       },
       {
         "@type": "ListItem",
-        "position": 18,
+        "position": 16,
         "url": "https://thumbgate.ai/guides/database-agent-safety",
         "name": "Database Safety for AI Agents"
       }
@@ -421,6 +421,22 @@
       <span class="article-tag">Cost Control</span>
     </a>
 
+    <a href="/learn/anthropomorphic-claim-gates" class="article-card">
+      <h3>Anthropomorphic Claim Gates for AI Agents</h3>
+      <p>Do not let an agent say a model understands, knows, decides, or behaves human-like unless it can show the measurement criteria and evidence behind that claim.</p>
+      <span class="article-tag">Claim Verification</span>
+      <span class="article-tag">Research</span>
+      <span class="article-tag">Proof Gates</span>
+    </a>
+
+    <a href="/learn/agent-identity-connector-governance" class="article-card">
+      <h3>Agent Identity and Connector Governance</h3>
+      <p>Agents connected to Merge, Glean, MCP gateways, and enterprise apps are identities. Gate owner, credential, connector scope, DLP, audit, and purpose before they act.</p>
+      <span class="article-tag">Agent Identity</span>
+      <span class="article-tag">MCP Connectors</span>
+      <span class="article-tag">Least Privilege</span>
+    </a>
+
     <a href="/learn/from-prototype-to-production" class="article-card">
       <h3>From git init to v1.17.0 in 70 days: an honest ThumbGate build log</h3>
       <p>70 days, 112 commits, 17 minor releases, 6k npm downloads, $0 cold-traffic revenue. The unedited story of taking ThumbGate from a one-line repo init to live production — including the part that's still broken.</p>
@@ -473,14 +489,6 @@
       <span class="article-tag">Governance</span>
     </a>
 
-    <a href="/guides/vllm-serving-guardrails" class="article-card">
-      <h3>vLLM Serving Guardrails</h3>
-      <p>Gate self-hosted inference changes before agents route production work through PagedAttention, batching, prefix-cache, or model-swap optimizations.</p>
-      <span class="article-tag">vLLM</span>
-      <span class="article-tag">LLM Serving</span>
-      <span class="article-tag">Runtime Safety</span>
-    </a>
-
     <a href="/guides/relational-knowledge-ai-recommendations" class="article-card">
       <h3>Relational Knowledge in AI Recommendations</h3>
       <p>How stored brand-to-problem associations shape AI answers, and why ThumbGate should own the pre-action-checks category in those retrieval paths.</p>
@@ -521,30 +529,6 @@
       <span class="article-tag">Enforcement</span>
     </a>
 
-    <a href="/guides/hermes-agent-guardrails" class="article-card">
-      <h3>Hermes Agent Guardrails for Self-Improving Agents</h3>
-      <p>Hermes-style agents bring persistent memory, generated skills, gateways, automations, and sandboxes. ThumbGate adds the pre-action firewall before those agents touch real systems.</p>
-      <span class="article-tag">Hermes Agent</span>
-      <span class="article-tag">Persistent Agents</span>
-      <span class="article-tag">Execution Firewall</span>
-    </a>
-
-    <a href="/guides/safe-self-evolution" class="article-card">
-      <h3>Safe Self-Evolution: Prompt Optimization without Regression</h3>
-      <p>Hermes-style autonomous agents learn by observing failures and rewriting skills. ThumbGate introduces Safe Self-Evolution: weakness mining, automated prompt optimization, verification suites, and atomic git rollbacks.</p>
-      <span class="article-tag">Self-Evolution</span>
-      <span class="article-tag">Harness Optimizer</span>
-      <span class="article-tag">Verification Gate</span>
-    </a>
-
-    <a href="/guides/agent-context-governance" class="article-card">
-      <h3>Agent Context Governance for Long-Running Agents</h3>
-      <p>AdaCoM, tokenmaxxing backlash, Managed Agents, lockdown modes, and model-provenance scares all point to one need: clean context and tool gates before agents act.</p>
-      <span class="article-tag">Context Governance</span>
-      <span class="article-tag">Tool Lockdown</span>
-      <span class="article-tag">Model Provenance</span>
-    </a>
-
     <a href="/guides/roo-code-alternative-cline" class="article-card">
       <h3>Roo Code Alternative: Migrate to Cline Without Losing Agent Memory</h3>
       <p>Use the Roo shutdown window to pitch portable lesson memory and local-first enforcement instead of making operators re-teach the same failures after they switch.</p>

package/public/numbers.html

@@ -25,7 +25,7 @@
   "alternateName": "thumbgate",
   "applicationCategory": "DeveloperApplication",
   "operatingSystem": "Cross-platform, Node.js >=18.18.0",
-  "softwareVersion": "1.27.8",
+  "softwareVersion": "1.27.7",
   "url": "https://thumbgate.ai/numbers",
   "dateModified": "2026-05-07",
   "creator": {
@@ -202,7 +202,7 @@
 <main class="container">
   <h1>The Numbers</h1>
   <p class="subtitle">Generated first-party operational snapshot from the ThumbGate runtime. This is not customer traction, install volume, revenue, or proof that a configured gate has fired.</p>
-  <div class="freshness">Updated: 2026-05-07 · Version 1.27.8</div>
+  <div class="freshness">Updated: 2026-05-07 · Version 1.27.7</div>
   <div class="truth-note"><strong>Read this first:</strong> configured checks are inventory. Recorded blocks and warnings are usage evidence. This snapshot currently reports 0 recorded hard-block event(s) and 0 recorded warning event(s).</div>
 
   <h2>Gate enforcement</h2>

package/public/pro.html

@@ -37,7 +37,7 @@ __GA_BOOTSTRAP__
 <script type="application/ld+json">
 {
   "@context": "https://schema.org",
-  "@type": "FAQPage", "mainEntity": [{ "@type": "Question", "name": "How is Pro different from the free install?", "acceptedAnswer": { "@type": "Answer", "text": "Free keeps local recall, checks, and MCP. Pro adds the personal dashboard, DPO export, auto-connect, and founder support." } }, { "@type": "Question", "name": "Does Pro require a cloud account?", "acceptedAnswer": { "@type": "Answer", "text": "No. Pro stays local-first; Enterprise is the hosted rollout lane for shared lessons, org visibility, and reviews." } }, { "@type": "Question", "name": "What happens after checkout?", "acceptedAnswer": { "@type": "Answer", "text": "You activate Pro, connect the local dashboard, and inspect blocked actions, lessons, and exports." } }, { "@type": "Question", "name": "When should I choose Enterprise instead of Pro?", "acceptedAnswer": { "@type": "Answer", "text": "Choose Enterprise when one correction needs to protect multiple developers or agents across shared repositories." } }]
+  "@type": "FAQPage", "mainEntity": [{ "@type": "Question", "name": "How is Pro different from the free install?", "acceptedAnswer": { "@type": "Answer", "text": "Free keeps local recall, checks, and MCP. Pro adds the personal dashboard, DPO export, auto-connect, and founder support." } }, { "@type": "Question", "name": "Does Pro require a cloud account?", "acceptedAnswer": { "@type": "Answer", "text": "No. Pro stays local-first; Team is the hosted rollout lane for shared lessons, org visibility, and reviews." } }, { "@type": "Question", "name": "What happens after checkout?", "acceptedAnswer": { "@type": "Answer", "text": "You activate Pro, connect the local dashboard, and inspect blocked actions, lessons, and exports." } }, { "@type": "Question", "name": "When should I choose Team instead of Pro?", "acceptedAnswer": { "@type": "Answer", "text": "Choose Team when one correction needs to protect multiple developers or agents across shared repositories." } }]
 }
 </script>
 
@@ -731,7 +731,7 @@ __GA_BOOTSTRAP__
       <h1>Buy the operator loop that proves your AI agent stopped repeating the mistake.</h1>
       <p style="font-size:13px;opacity:0.8;margin-bottom:0.5rem;">Updated: <time datetime="2026-04-20">2026-04-20</time> · by <a href="https://github.com/IgorGanapolsky" style="color:inherit;">Igor Ganapolsky</a></p>
       <p>ThumbGate Pro is for one operator who already hit a repeated AI-agent failure and now needs proof: what was blocked, why it was blocked, and what changed before the next risky run.</p>
-      <p>Start Pro when you want the local dashboard, DPO export, and a single proof lane for the repeated mistake you need to stop. Enterprise diagnostics and custom services are handled through intake, not this buyer path.</p>
+      <p>Start Pro when you want the local dashboard, DPO export, and a single proof lane for the repeated mistake you need to stop. Team diagnostics and custom services are handled through intake, not this buyer path.</p>
       <div class="hero-proof">
         <div class="proof-pill">Personal local dashboard</div>
         <div class="proof-pill">DPO export from real corrections</div>
@@ -951,15 +951,15 @@ __GA_BOOTSTRAP__
       </div>
       <div class="faq-item">
         <button class="faq-q" type="button" onclick="toggleFaq(this)" onkeydown="handleFaqKeydown(event)" aria-expanded="false">Does Pro require a cloud account?</button>
-        <div class="faq-a">No. Pro is still local-first for the individual operator lane. Enterprise is the hosted rollout lane for shared lessons, org visibility, and hosted review views.</div>
+        <div class="faq-a">No. Pro is still local-first for the individual operator lane. Team is the hosted rollout lane for shared lessons, org visibility, and hosted review views.</div>
       </div>
       <div class="faq-item">
         <button class="faq-q" type="button" onclick="toggleFaq(this)" onkeydown="handleFaqKeydown(event)" aria-expanded="false">What happens after checkout?</button>
         <div class="faq-a">You activate Pro, connect the personal local dashboard, and your running agents can appear automatically so you can inspect blocked actions, active lessons, and exportable DPO pairs without adding a separate cloud dashboard dependency.</div>
       </div>
       <div class="faq-item">
-        <button class="faq-q" type="button" onclick="toggleFaq(this)" onkeydown="handleFaqKeydown(event)" aria-expanded="false">When should I choose Enterprise instead of Pro?</button>
-        <div class="faq-a">Choose Enterprise when one thumbs-down should protect multiple people or agents across shared repositories, or when you need shared hosted lessons, org dashboard visibility, and a workflow hardening pilot with rollout review views.</div>
+        <button class="faq-q" type="button" onclick="toggleFaq(this)" onkeydown="handleFaqKeydown(event)" aria-expanded="false">When should I choose Team instead of Pro?</button>
+        <div class="faq-a">Choose Team when one thumbs-down should protect multiple people or agents across shared repositories, or when you need shared hosted lessons, org dashboard visibility, and a workflow hardening pilot with rollout review views.</div>
       </div>
     </div>
   </div>
@@ -987,7 +987,7 @@ __GA_BOOTSTRAP__
       <a href="__VERIFICATION_URL__" target="_blank" rel="noopener">Verification Evidence</a>
       <a href="https://github.com/IgorGanapolsky/ThumbGate" target="_blank" rel="noopener">GitHub</a>
     </div>
-    <div class="footer-copy">ThumbGate Pro for individual operators. Enterprise stays intake-first.</div>
+    <div class="footer-copy">ThumbGate Pro for individual operators. Team stays intake-first.</div>
   </div>
 </footer>
 

package/scripts/cli-schema.js

@@ -123,6 +123,16 @@ const CLI_COMMANDS = [
       { name: 'remote', type: 'boolean', description: 'Fetch from hosted Railway instance' },
     ],
   },
+  {
+    name: 'community',
+    aliases: ['registry'],
+    description: 'Query or share verified prevention rules with the community knowledge registry',
+    group: 'discovery',
+    flags: [
+      { name: 'json',   type: 'boolean', description: 'Output as JSON' },
+      { name: 'remote', type: 'boolean', description: 'Fetch from community remote API' },
+    ],
+  },
   {
     name: 'gate-stats',
     description: 'Check engine statistics — active checks, blocks, warns, time saved',
@@ -505,12 +515,6 @@ const CLI_COMMANDS = [
     group: 'gates',
     flags: [],
   },
-  {
-    name: 'hermes-gate',
-    description: 'Hermes Agent pre_tool_call hook: gate runtime tool calls (incl. skill_manage) before they run',
-    group: 'gates',
-    flags: [],
-  },
   {
     name: 'force-gate',
     description: 'Immediately create a blocking gate from a pattern string',
@@ -656,22 +660,6 @@ const CLI_COMMANDS = [
       { name: 'json',        type: 'boolean', description: 'Output results as JSON' },
     ],
   },
-  {
-    name: 'check-update',
-    aliases: ['upgrade-check'],
-    description: 'Check for newer versions of ThumbGate from npm or GitHub',
-    group: 'ops',
-    flags: [
-      { name: 'json', type: 'boolean', description: 'Output results as JSON' },
-    ],
-  },
-  {
-    name: 'self-update',
-    aliases: ['upgrade-cli'],
-    description: 'Automatically install the latest version of ThumbGate globally',
-    group: 'ops',
-    flags: [],
-  },
 ];
 
 /**

package/scripts/dashboard-chat.js

@@ -317,8 +317,7 @@ async function answerDataQuestion(question, opts = {}) {
     if (isPerplexity) return await callPerplexityEndpoint({ apiKey, prompt, fetchImpl, sources });
     return await callGeminiEndpoint({ apiKey, model, prompt, fetchImpl, sources });
   } catch (err) {
-    const safeMessage = (err && err.message) ? String(err.message).split('\n')[0].slice(0, 100) : 'An unexpected error occurred.';
-    return { ok: false, error: 'network', message: safeMessage, sources };
+    return { ok: false, error: 'network', message: err?.message || String(err), sources };
   }
 }
 

package/scripts/document-intake.js

@@ -708,6 +708,7 @@ function buildDocumentSummary(document) {
     sourcePath: document.sourcePath || null,
     sourceName: document.sourceName || null,
     sourceFormat: document.sourceFormat,
+    sourceUrl: document.sourceUrl || null,
     importedAt: document.importedAt,
     tags: normalizeTags(document.tags),
     excerpt: document.excerpt,
@@ -768,7 +769,11 @@ function persistDocument(document, options = {}) {
   const summaries = listImportedDocuments({
     ...options,
     limit: MAX_SEARCH_SCAN,
-  }).documents.filter((entry) => entry.documentId !== document.documentId);
+  }).documents.filter((entry) => {
+    if (entry.documentId === document.documentId) return false;
+    if (document.sourceUrl && entry.sourceUrl === document.sourceUrl) return false;
+    return true;
+  });
   const nextSummaries = [
     buildDocumentSummary(document),
     ...summaries,
@@ -882,6 +887,48 @@ function importDocument(options = {}) {
     sourceFormat,
   });
   const fingerprint = sha256(`${title}\n${normalizedContent}`);
+  
+  // -- deduplication and RAG drift tracking ----------------------------------
+  const paths = getDocumentStorePaths(options);
+  let duplicate = null;
+  if (fs.existsSync(paths.catalogPath)) {
+    try {
+      const catalog = readJsonl(paths.catalogPath);
+      const urlMatch = options.sourceUrl ? String(options.sourceUrl).trim() : null;
+      const matchedSummary = catalog.find((summary) =>
+        (urlMatch && summary.sourceUrl === urlMatch) ||
+        (summary.fingerprint === fingerprint)
+      );
+      if (matchedSummary) {
+        const fullDoc = readImportedDocument(matchedSummary.documentId, options);
+        if (fullDoc) {
+          if (fullDoc.fingerprint === fingerprint) {
+            // Case A: Content is identical
+            const dedupReason = urlMatch && fullDoc.sourceUrl === urlMatch
+              ? 'url-and-content-unchanged'
+              : 'content-identical';
+            return {
+              ...fullDoc,
+              duplicate: true,
+              updated: false,
+              dedupReason,
+            };
+          } else {
+            // Case B: URL matches but content changed (RAG Drift!)
+            duplicate = {
+              previousDocumentId: fullDoc.documentId,
+              previousFingerprint: fullDoc.fingerprint,
+              updated: true,
+              dedupReason: 'url-content-updated',
+            };
+          }
+        }
+      }
+    } catch (err) {
+      // best-effort
+    }
+  }
+
   const importedAt = nowIso();
   const sourceName = sourcePath ? path.basename(sourcePath) : null;
   const documentId = `doc_${slugify(title || sourceName || 'document').slice(0, 24) || 'document'}_${fingerprint.slice(0, 12)}`;
@@ -901,6 +948,7 @@ function importDocument(options = {}) {
     contentBytes: Buffer.byteLength(normalizedContent, 'utf8'),
     lineCount: normalizedContent.split('\n').filter(Boolean).length,
     headings: extractHeadings(normalizedContent),
+    ...(duplicate || {}),
   };
   document.proposals = options.proposeGates === false
     ? []

package/scripts/gemini-embedding-policy.js

@@ -122,7 +122,7 @@ function resolveGeminiEmbeddingConfig(env = process.env) {
 
   return {
     enabled,
-    provider: provider === 'coreai' ? 'coreai' : (enabled ? 'gemini' : 'local'),
+    provider: enabled ? 'gemini' : 'local',
     model: String(env.THUMBGATE_GEMINI_EMBED_MODEL || GEMINI_EMBEDDING_2_MODEL).trim() || GEMINI_EMBEDDING_2_MODEL,
     apiKey,
     apiBaseUrl: trimTrailingSlashes(env.THUMBGATE_GEMINI_API_BASE_URL || 'https://generativelanguage.googleapis.com/v1beta'),
@@ -171,7 +171,6 @@ function buildGeminiEmbeddingRolloutPlan(args = {}) {
     },
     rolloutSteps: [
       'Keep local embeddings as the default offline path.',
-      'For Apple Silicon developers, route local queries through Core AI (AOT compiled models) to bypass CPU overhead.',
       'Enable Gemini Embedding 2 only when a Gemini API key is present.',
       'Use task-specific query/document prefixes at index and retrieval time.',
       'Start at 768 dimensions, then benchmark 1536 only if recall misses show up.',

package/scripts/hook-stop-anti-claim.js

@@ -45,21 +45,6 @@ const CLAIM_PATTERNS = [
   /\b(?:about|metadata|description|topics?)\b.*\b(?:updated|verified|fixed|match(?:es|ed)?)\b.*\b(?:github|repo|repository)\b/i,
   /\b(?:money|payment|charge|checkout|revenue|price|pricing|invoice|billing|tax|sales tax|inventory|stock|permission|access|customer[-\s]facing)\b.*\b(?:correct|accurate|verified|valid|matches|working|fixed|resolved|calculated|configured)\b/i,
   /\b(?:correct|accurate|verified|valid|matches|working|fixed|resolved|calculated|configured)\b.*\b(?:money|payment|charge|checkout|revenue|price|pricing|invoice|billing|tax|sales tax|inventory|stock|permission|access|customer[-\s]facing)\b/i,
-  // Added 2026-06-11 after a cross-project failure analysis: these completion
-  // claims ("all green / stable / verified / race over / tests pass") were
-  // asserted without proof and slipped past the original set. The proof-gate
-  // below suppresses them whenever the SAME turn ran a verification tool, so a
-  // "verified" claim backed by a test/curl/Read stays silent.
-  /\ball\s+(?:the\s+)?(?:tests?\s+|checks?\s+)?(?:are\s+)?green\b/i,
-  /\b(?:all\s+)?(?:tests?|checks?|ci)\s+(?:are\s+)?(?:now\s+)?passing\b/i,
-  /\ball\s+(?:tests?|checks?)\s+pass(?:ed)?\b/i,
-  /\bverified\b/i,
-  /\bconfirmed\b/i,
-  /\b(?:is|are|it'?s|now)\s+stable\b/i,
-  /\ball\s+clear\b/i,
-  /\bgood\s+to\s+go\b/i,
-  /\brace\s+(?:is\s+)?over\b/i,
-  /\bno\s+longer\s+racing\b/i,
 ];
 
 // Proof-of-verification patterns. If the SAME turn included one of these
@@ -83,29 +68,63 @@ const PROOF_PATTERNS = [
   /\bshopify\b/,
   /\bsquare\b/,
   /\bquickbooks\b/,
+  /\bgh\s+api\b/,
+  /\bls\b/,
+  /\bcat\b/,
   /Read\s*\(/, // Claude Code Read tool call
   /Bash\s*\(/, // Claude Code Bash tool call
 ];
 
-function readLastAssistantTurn(transcriptPath) {
-  if (!transcriptPath || !fs.existsSync(transcriptPath)) return null;
+const POSITIVE_FEEDBACK_PATTERNS = [
+  /\bthumbs?\s*up\b/i,
+  /👍/,
+  /\bthank(s| you)\b/i,
+  /\bgood\b/i,
+  /\bgreat\b/i,
+  /\bperfect\b/i,
+  /\bok(?:ay)?\b/i,
+];
+
+const LOW_VALUE_CLOSEOUT_PATTERNS = [
+  /^(?:good|great|perfect|ok(?:ay)?|thanks?|thank you)[.!,\s-]*(?:$|\b)/i,
+  /\buse\s+\w+\s*\/\s*\w+\b/i,
+  /\bsounds good\b/i,
+];
+
+const SUBSTANTIVE_CLOSEOUT_PATTERNS = [
+  /\b(?:evidence|verified|tested|proof|result|residual risk|next state|next action|timestamp|source|url|file|line|passed|failed|blocked|unknown)\b/i,
+  /\b(?:node --test|npm run|curl|gh |git |pytest|playwright|screenshot|diff --check)\b/i,
+  /https?:\/\//i,
+  /\/[\w.-]+\/[\w./-]+/,
+  /`[^`]+`/,
+];
+
+function readTranscriptEntries(transcriptPath) {
+  if (!transcriptPath || !fs.existsSync(transcriptPath)) return [];
   let content;
   try {
     content = fs.readFileSync(transcriptPath, 'utf8');
   } catch {
-    return null;
+    return [];
   }
-  const lines = content.trim().split('\n');
+  return content
+    .trim()
+    .split('\n')
+    .map((raw) => {
+      try {
+        return JSON.parse(raw);
+      } catch {
+        return null;
+      }
+    })
+    .filter(Boolean);
+}
+
+function readLastAssistantTurn(transcriptPath) {
+  const entries = readTranscriptEntries(transcriptPath);
   // Walk backwards to find the last assistant message
-  for (let i = lines.length - 1; i >= 0; i--) {
-    const raw = lines[i].trim();
-    if (!raw) continue;
-    let entry;
-    try {
-      entry = JSON.parse(raw);
-    } catch {
-      continue;
-    }
+  for (let i = entries.length - 1; i >= 0; i--) {
+    const entry = entries[i];
     if (entry.type === 'assistant' && entry.message) {
       return entry.message;
     }
@@ -113,6 +132,22 @@ function readLastAssistantTurn(transcriptPath) {
   return null;
 }
 
+function readPreviousUserText(transcriptPath) {
+  const entries = readTranscriptEntries(transcriptPath);
+  let seenAssistant = false;
+  for (let i = entries.length - 1; i >= 0; i--) {
+    const entry = entries[i];
+    if (!seenAssistant && entry.type === 'assistant') {
+      seenAssistant = true;
+      continue;
+    }
+    if (seenAssistant && entry.type === 'user' && entry.message) {
+      return extractText(entry.message);
+    }
+  }
+  return '';
+}
+
 function extractText(message) {
   if (!message || !Array.isArray(message.content)) return '';
   return message.content
@@ -139,6 +174,23 @@ function extractToolUseSummary(message) {
     .join('\n');
 }
 
+function wordCount(text) {
+  return String(text || '').trim().split(/\s+/).filter(Boolean).length;
+}
+
+function hasPositiveFeedback(text) {
+  return POSITIVE_FEEDBACK_PATTERNS.some((p) => p.test(text || ''));
+}
+
+function isLowValueCloseout(text, toolUseSummary = '') {
+  const normalized = String(text || '').trim();
+  if (!normalized) return false;
+  if (toolUseSummary.trim()) return false;
+  if (wordCount(normalized) > 45) return false;
+  if (SUBSTANTIVE_CLOSEOUT_PATTERNS.some((p) => p.test(normalized))) return false;
+  return LOW_VALUE_CLOSEOUT_PATTERNS.some((p) => p.test(normalized));
+}
+
 function findClaim(text) {
   for (const p of CLAIM_PATTERNS) {
     const m = text.match(p);
@@ -174,29 +226,33 @@ function main() {
 
   const text = extractText(message);
   const toolUseSummary = extractToolUseSummary(message);
+  const previousUserText = readPreviousUserText(transcriptPath);
+
+  if (hasPositiveFeedback(previousUserText) && isLowValueCloseout(text, toolUseSummary)) {
+    const reminder = [
+      '⚠️ ThumbGate response-quality gate: previous turn answered positive feedback',
+      '   with a low-value social closeout instead of silence-level brevity or an evidence checkpoint.',
+      '   Positive feedback after operational work should trigger either no extra noise,',
+      '   a compact evidence checkpoint, or a concrete next-state update.',
+      '   Do not reply with generic "Good / Great / Use X/Y" filler.',
+    ].join('\n');
+    process.stdout.write(reminder + '\n');
+    return;
+  }
+
   const claim = findClaim(text);
   if (!claim) return; // no completion claim made; silent
 
   const proofText = `${text}\n${toolUseSummary}`;
   if (hasProof(proofText)) return; // claim backed by proof in same turn
 
-  // Strict mode (THUMBGATE_STRICT_ENFORCEMENT=1): hard-block the stop. Emit a
-  // Stop-hook block decision so Claude Code does NOT end the turn — the agent
-  // must run the verification (or retract) before it can stop. Default mode
-  // stays soft (a reminder for the next turn) so we don't break existing wiring.
-  if (process.env.THUMBGATE_STRICT_ENFORCEMENT === '1') {
-    const reason = `ThumbGate anti-claim gate (strict): you claimed completion ("${claim}") without a proof tool call in the same message. Run the verification (curl / grep / test / Read) and restate with the proof, or retract — do not end the turn on an unverified claim.`;
-    process.stdout.write(JSON.stringify({ decision: 'block', reason }) + '\n');
-    return;
-  }
-
-  // Default (soft): surface a system reminder for the NEXT turn. Do not hard-block.
+  // Surface a system reminder for the NEXT turn. Do not hard-block.
   const reminder = [
     '⚠️ ThumbGate anti-claim gate: previous turn claimed completion',
     `   ("${claim}") without a proof tool call in the same message.`,
-    '   Per CLAUDE.md anti-lying: never claim "done / live / deployed / fixed /',
-    '   verified / all green / stable" or commercial truth (money / tax / inventory /',
-    '   permissions / customer-facing state) without curl / grep / test / source-of-truth output in the SAME turn.',
+    '   Per CLAUDE.md anti-lying: never claim "done / live / deployed / fixed"',
+    '   or commercial truth (money / tax / inventory / permissions / customer-facing state)',
+    '   without curl / grep / test / source-of-truth output in the SAME turn.',
     '   If the work really is verified, re-state the claim with the proof.',
     '   If not, retract and run the verification before re-asserting.',
   ].join('\n');
@@ -220,8 +276,13 @@ if (path.resolve(process.argv[1] || '') === path.resolve(__filename)) {
 module.exports = {
   CLAIM_PATTERNS,
   PROOF_PATTERNS,
+  POSITIVE_FEEDBACK_PATTERNS,
+  LOW_VALUE_CLOSEOUT_PATTERNS,
   findClaim,
   hasProof,
+  hasPositiveFeedback,
+  isLowValueCloseout,
   extractText,
   extractToolUseSummary,
+  readPreviousUserText,
 };

package/scripts/hosted-config.js

@@ -13,6 +13,7 @@ const DEFAULT_PRO_PRICE_DOLLARS = PRO_MONTHLY_PRICE_DOLLARS;
 const DEFAULT_PRO_PRICE_LABEL = PRO_PRICE_LABEL;
 const DEFAULT_SPRINT_DIAGNOSTIC_PRICE_DOLLARS = 499;
 const DEFAULT_WORKFLOW_SPRINT_PRICE_DOLLARS = 1500;
+const DEFAULT_SNAPSHOT_PRICE_DOLLARS = 97;
 const GA_MEASUREMENT_ID_PATTERN = /^G-[A-Z0-9]+$/i;
 
 function normalizeOrigin(value) {
@@ -129,6 +130,10 @@ function resolveHostedBillingConfig({ requestOrigin } = {}, env = process.env) {
   const googleSiteVerification = normalizeTrackingId(env.THUMBGATE_GOOGLE_SITE_VERIFICATION);
   const sprintDiagnosticCheckoutUrl = normalizeAbsoluteUrl(env.THUMBGATE_SPRINT_DIAGNOSTIC_CHECKOUT_URL);
   const workflowSprintCheckoutUrl = normalizeAbsoluteUrl(env.THUMBGATE_WORKFLOW_SPRINT_CHECKOUT_URL);
+  const paypalDiagnosticCheckoutUrl = normalizeAbsoluteUrl(env.THUMBGATE_PAYPAL_DIAGNOSTIC_CHECKOUT_URL);
+  const paypalWorkflowSprintCheckoutUrl = normalizeAbsoluteUrl(env.THUMBGATE_PAYPAL_WORKFLOW_SPRINT_CHECKOUT_URL);
+  const morSnapshotCheckoutUrl = normalizeAbsoluteUrl(env.THUMBGATE_MOR_SNAPSHOT_CHECKOUT_URL);
+  const morProvider = String(env.THUMBGATE_MOR_PROVIDER || '').trim();
 
   return {
     appOrigin,
@@ -142,10 +147,16 @@ function resolveHostedBillingConfig({ requestOrigin } = {}, env = process.env) {
     proPriceLabel,
     sprintDiagnosticCheckoutUrl,
     workflowSprintCheckoutUrl,
+    paypalDiagnosticCheckoutUrl,
+    paypalWorkflowSprintCheckoutUrl,
+    morSnapshotCheckoutUrl,
+    morProvider,
     sprintDiagnosticPriceDollars: normalizePriceDollars(env.THUMBGATE_SPRINT_DIAGNOSTIC_PRICE_DOLLARS)
       || DEFAULT_SPRINT_DIAGNOSTIC_PRICE_DOLLARS,
     workflowSprintPriceDollars: normalizePriceDollars(env.THUMBGATE_WORKFLOW_SPRINT_PRICE_DOLLARS)
       || DEFAULT_WORKFLOW_SPRINT_PRICE_DOLLARS,
+    snapshotPriceDollars: normalizePriceDollars(env.THUMBGATE_SNAPSHOT_PRICE_DOLLARS)
+      || DEFAULT_SNAPSHOT_PRICE_DOLLARS,
     gaMeasurementId,
     googleSiteVerification,
     posthogApiKey,
@@ -159,6 +170,7 @@ module.exports = {
   DEFAULT_PRO_PRICE_LABEL,
   DEFAULT_SPRINT_DIAGNOSTIC_PRICE_DOLLARS,
   DEFAULT_WORKFLOW_SPRINT_PRICE_DOLLARS,
+  DEFAULT_SNAPSHOT_PRICE_DOLLARS,
   GA_MEASUREMENT_ID_PATTERN,
   normalizeAbsoluteUrl,
   normalizeOrigin,

package/scripts/plausible-domain-config.js

@@ -16,9 +16,7 @@ function normalizeDomain(value) {
   try {
     return new URL(input.includes('://') ? input : `https://${input}`).hostname.toLowerCase();
   } catch {
-    const withoutProtocol = input.replace(/^https?:\/\//i, '');
-    const hostnameAndPort = withoutProtocol.split('/')[0];
-    return hostnameAndPort.toLowerCase().split(':')[0];
+    return input.replace(/^https?:\/\//i, '').replace(/\/.*$/, '').toLowerCase().split(':')[0];
   }
 }