thumbgate 1.4.2 → 1.4.4

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "thumbgate",
-  "version": "1.4.2",
-  "description": "ThumbGate: self-improving agent governance for engineering teams. Three-tier approval routing (block/approve/log), shared enforcement, CI gates, and audit trails. Every mistake becomes a prevention rule. PreToolUse hooks, Thompson Sampling, SQLite+FTS5 lesson DB, and LanceDB vector search.",
+  "version": "1.4.4",
+  "description": "Self-improving agent governance: type thumbs-up or thumbs-down on any AI agent action. ThumbGate turns every mistake into a prevention rule and blocks the pattern from repeating. One thumbs-down, never again. 33 pre-action gates, budget enforcement, and self-protection for Claude Code, Cursor, Codex, Gemini CLI, and Amp.",
   "homepage": "https://thumbgate-production.up.railway.app",
   "repository": {
     "type": "git",
@@ -10,24 +10,172 @@
   "bugs": {
     "url": "https://github.com/IgorGanapolsky/ThumbGate/issues"
   },
-  "main": "scripts/feedback-loop.js",
+  "main": "src/index.js",
   "bin": {
     "thumbgate": "bin/cli.js"
   },
   "files": [
-    "bin/",
+    "bin/cli.js",
+    "bin/postinstall.js",
     "src/",
-    "scripts/",
-    "adapters/",
+    "adapters/mcp/server-stdio.js",
+    "adapters/chatgpt/openapi.yaml",
+    "adapters/gemini/function-declarations.json",
+    "adapters/claude/.mcp.json",
+    "adapters/codex/config.toml",
+    "adapters/opencode/opencode.json",
+    "adapters/amp/skills/thumbgate-feedback/SKILL.md",
+    "adapters/forge/forge.yaml",
     "config/",
-    "plugins/",
     "skills/",
     "openapi/",
-    "public/",
     ".well-known/",
-    ".claude-plugin/",
+    ".claude-plugin/plugin.json",
+    ".claude-plugin/marketplace.json",
+    ".claude-plugin/README.md",
     "README.md",
-    "LICENSE"
+    "LICENSE",
+    "scripts/agent-readiness.js",
+    "scripts/access-anomaly-detector.js",
+    "scripts/agentic-data-pipeline.js",
+    "scripts/analytics-report.js",
+    "scripts/analytics-window.js",
+    "scripts/async-job-runner.js",
+    "scripts/audit-trail.js",
+    "scripts/auto-promote-gates.js",
+    "scripts/auto-wire-hooks.js",
+    "scripts/belief-update.js",
+    "scripts/billing-setup.js",
+    "scripts/billing.js",
+    "scripts/bot-detector.js",
+    "scripts/build-metadata.js",
+    "scripts/claude-feedback-sync.js",
+    "scripts/cli-demo.js",
+    "scripts/cli-feedback.js",
+    "scripts/cli-schema.js",
+    "scripts/cli-status.js",
+    "scripts/cli-telemetry.js",
+    "scripts/cloudflare-dynamic-sandbox.js",
+    "scripts/code-reasoning.js",
+    "scripts/codegraph-context.js",
+    "scripts/commercial-offer.js",
+    "scripts/context-manager.js",
+    "scripts/contextfs.js",
+    "scripts/conversation-context.js",
+    "scripts/creator-campaigns.js",
+    "scripts/cross-encoder-reranker.js",
+    "scripts/daemon-manager.js",
+    "scripts/dashboard-render-spec.js",
+    "scripts/dashboard.js",
+    "scripts/decision-journal.js",
+    "scripts/delegation-runtime.js",
+    "scripts/dispatch-brief.js",
+    "scripts/distribution-surfaces.js",
+    "scripts/docker-sandbox-planner.js",
+    "scripts/document-intake.js",
+    "scripts/evolution-state.js",
+    "scripts/experiment-tracker.js",
+    "scripts/explore-subcommands.js",
+    "scripts/explore.js",
+    "scripts/export-databricks-bundle.js",
+    "scripts/export-dpo-pairs.js",
+    "scripts/export-hf-dataset.js",
+    "scripts/failure-diagnostics.js",
+    "scripts/feedback-attribution.js",
+    "scripts/feedback-history-distiller.js",
+    "scripts/feedback-loop.js",
+    "scripts/feedback-paths.js",
+    "scripts/feedback-quality.js",
+    "scripts/feedback-schema.js",
+    "scripts/feedback-session.js",
+    "scripts/feedback-to-rules.js",
+    "scripts/filesystem-search.js",
+    "scripts/fs-utils.js",
+    "scripts/funnel-analytics.js",
+    "scripts/gate-stats.js",
+    "scripts/gate-templates.js",
+    "scripts/gates-engine.js",
+    "scripts/harness-selector.js",
+    "scripts/history-distiller.js",
+    "scripts/hook-runtime.js",
+    "scripts/hook-thumbgate-cache-updater.js",
+    "scripts/hosted-config.js",
+    "scripts/hosted-job-launcher.js",
+    "scripts/hybrid-feedback-context.js",
+    "scripts/install-mcp.js",
+    "scripts/intent-router.js",
+    "scripts/internal-agent-bootstrap.js",
+    "scripts/intervention-policy.js",
+    "scripts/jsonl-watcher.js",
+    "scripts/lesson-db.js",
+    "scripts/lesson-inference.js",
+    "scripts/lesson-reranker.js",
+    "scripts/lesson-retrieval.js",
+    "scripts/lesson-rotation.js",
+    "scripts/lesson-search.js",
+    "scripts/lesson-synthesis.js",
+    "scripts/license.js",
+    "scripts/llm-client.js",
+    "scripts/local-model-profile.js",
+    "scripts/managed-lesson-agent.js",
+    "scripts/mcp-config.js",
+    "scripts/mcp-policy.js",
+    "scripts/memory-firewall.js",
+    "scripts/meta-agent-loop.js",
+    "scripts/natural-language-harness.js",
+    "scripts/obsidian-export.js",
+    "scripts/operational-dashboard.js",
+    "scripts/operational-integrity.js",
+    "scripts/operational-summary.js",
+    "scripts/optimize-context.js",
+    "scripts/org-dashboard.js",
+    "scripts/partner-orchestration.js",
+    "scripts/perplexity-client.js",
+    "scripts/predictive-insights.js",
+    "scripts/pro-local-dashboard.js",
+    "scripts/problem-detail.js",
+    "scripts/product-feedback.js",
+    "scripts/profile-router.js",
+    "scripts/prompt-guard.js",
+    "scripts/published-cli.js",
+    "scripts/pulse.js",
+    "scripts/rate-limiter.js",
+    "scripts/reflector-agent.js",
+    "scripts/risk-scorer.js",
+    "scripts/rlaif-self-audit.js",
+    "scripts/rubric-engine.js",
+    "scripts/secret-scanner.js",
+    "scripts/security-scanner.js",
+    "scripts/self-distill-agent.js",
+    "scripts/self-heal.js",
+    "scripts/semantic-dedup.js",
+    "scripts/semantic-layer.js",
+    "scripts/seo-gsd.js",
+    "scripts/settings-hierarchy.js",
+    "scripts/skill-generator.js",
+    "scripts/slo-alert-engine.js",
+    "scripts/statusline-cache-path.js",
+    "scripts/statusline-lesson.js",
+    "scripts/statusline-links.js",
+    "scripts/statusline-local-stats.js",
+    "scripts/statusline-meta.js",
+    "scripts/statusline.sh",
+    "scripts/statusline-tower.js",
+    "scripts/telemetry-analytics.js",
+    "scripts/thompson-sampling.js",
+    "scripts/thumbgate-search.js",
+    "scripts/tool-registry.js",
+    "scripts/tool-kpi-tracker.js",
+    "scripts/user-profile.js",
+    "scripts/validate-workflow-contract.js",
+    "scripts/vector-store.js",
+    "scripts/verification-loop.js",
+    "scripts/webhook-delivery.js",
+    "scripts/workflow-runs.js",
+    "scripts/workflow-sentinel.js",
+    "scripts/workflow-sprint-intake.js",
+    "scripts/workspace-evolver.js",
+    "scripts/xmemory-lite.js"
   ],
   "scripts": {
     "postinstall": "node bin/postinstall.js || true",
@@ -72,7 +220,7 @@
     "social:post-everywhere:dry": "node scripts/post-everywhere.js --dry-run",
     "social:reply-monitor": "node scripts/social-reply-monitor.js",
     "social:reply-monitor:dry": "node scripts/social-reply-monitor.js --dry-run",
-    "test": "npm run test:schema && npm run test:loop && npm run test:dpo && npm run test:kto && npm run test:api && npm run test:proof && npm run test:e2e && npm run test:rlaif && npm run test:attribution && npm run test:quality && npm run test:intelligence && npm run test:training-export && npm run test:deployment && npm run test:operational-integrity && npm run test:workflow && npm run test:billing && npm run test:cli && npm run test:watcher && npm run test:autoresearch && npm run test:ops && npm run test:tessl && npm run test:gates && npm run test:evoskill && npm run test:gates-hardening && npm run test:workers && npm run test:social-analytics && npm run test:memalign && npm run test:xmemory-lite && npm run test:filesystem-search && npm run test:zernio && npm run test:obsidian-export && npm run test:lesson-db && npm run test:lesson-rotation && npm run test:memory-dedup && npm run test:feedback-quality && npm run test:sync-version && npm run test:check-congruence && npm run test:tool-registry && npm run test:feedback-to-rules && npm run test:memory-firewall && npm run test:belief-update && npm run test:hosted-config && npm run test:operational-summary && npm run test:cloudflare-sandbox && npm run test:mcp-config && npm run test:plan-gate && npm run test:pulse && npm run test:semantic-layer && npm run test:data-pipeline && npm run test:optimize-context && npm run test:principle-extractor && npm run test:analytics-window && npm run test:funnel-analytics && npm run test:experiment-tracker && npm run test:build-metadata && npm run test:context-engine && npm run test:hf-papers && npm run test:marketing-experiment && npm run test:seo-gsd && npm run test:verify-run && npm run test:export-dpo-pairs && npm run test:export-hf-dataset && npm run test:license && npm run test:bot-detector && npm run test:postinstall && npm run test:funnel-invariants && npm run test:cli-telemetry && npm run test:pro-parity && npm run test:model-tier-router && npm run test:computer-use-firewall && npm run test:skill-exporter && npm run test:statusline && npm run test:evolution && npm run test:org-dashboard && npm run test:multi-hop-recall && npm run test:synthetic-dpo && npm run test:thumbgate-skill && npm run test:learn-hub && npm run test:feedback-fallback && npm run test:metaclaw && npm run test:server-lock && npm run test:control-tower && npm run test:pii-scanner && npm run test:data-governance && npm run test:lesson-inference && npm run test:semantic-dedup && npm run test:fs-utils && npm run test:lesson-retrieval && npm run test:reflector-agent && npm run test:feedback-session && npm run test:feedback-history-distiller && npm run test:hallucination-detector && npm run test:history-distiller && npm run test:predictive-insights && npm run test:prove-predictive-insights && npm run test:statusbar-cli && npm run test:generate-instagram-card && npm run test:instagram-thumbgate-post && npm run test:publish-instagram-thumbgate && npm run test:lesson-synthesis && npm run test:background-governance && npm run test:memory-migration && npm run test:prompt-dlp && npm run test:ephemeral-store && npm run test:agent-security && npm run test:skill-progressive && npm run test:per-step-scoring && npm run test:weekly-auto-post && npm run test:social-post-hourly && npm run test:social-quality-gate && npm run test:a2ui-engine && npm run test:gate-satisfy && npm run test:money-watcher && npm run test:budget && npm run test:quick-start && npm run test:utm && npm run test:product-feedback && npm run test:feedback-root-consolidator && npm run test:engagement-audit && npm run test:install-growth-automation && npm run test:publish-thumbgate-launch && npm run test:reconcile-thumbgate-campaign && npm run test:reddit-publisher && npm run test:schedule-thumbgate-campaign && npm run test:social-reply-monitor && npm run test:sync-launch-assets && npm run test:ai-search-visibility && npm run test:security-scanner && npm run test:llm-client && npm run test:managed-lesson-agent && npm run test:self-distill && npm run test:meta-agent && npm run test:harness-selector && npm run test:seo-guides && npm run test:enforcement-loop",
+    "test": "npm run test:schema && npm run test:loop && npm run test:dpo && npm run test:kto && npm run test:api && npm run test:proof && npm run test:e2e && npm run test:rlaif && npm run test:attribution && npm run test:quality && npm run test:intelligence && npm run test:training-export && npm run test:deployment && npm run test:operational-integrity && npm run test:workflow && npm run test:billing && npm run test:cli && npm run test:watcher && npm run test:autoresearch && npm run test:ops && npm run test:session-analyzer && npm run test:tessl && npm run test:gates && npm run test:evoskill && npm run test:gates-hardening && npm run test:workers && npm run test:social-analytics && npm run test:memalign && npm run test:xmemory-lite && npm run test:filesystem-search && npm run test:zernio && npm run test:obsidian-export && npm run test:lesson-db && npm run test:lesson-rotation && npm run test:memory-dedup && npm run test:feedback-quality && npm run test:sync-version && npm run test:check-congruence && npm run test:tool-registry && npm run test:feedback-to-rules && npm run test:memory-firewall && npm run test:belief-update && npm run test:hosted-config && npm run test:operational-summary && npm run test:operator-key-auth && npm run test:cloudflare-sandbox && npm run test:mcp-config && npm run test:plan-gate && npm run test:pulse && npm run test:semantic-layer && npm run test:data-pipeline && npm run test:optimize-context && npm run test:principle-extractor && npm run test:analytics-window && npm run test:funnel-analytics && npm run test:experiment-tracker && npm run test:build-metadata && npm run test:context-engine && npm run test:hf-papers && npm run test:marketing-experiment && npm run test:seo-gsd && npm run test:verify-run && npm run test:export-dpo-pairs && npm run test:export-hf-dataset && npm run test:license && npm run test:bot-detector && npm run test:postinstall && npm run test:funnel-invariants && npm run test:cli-telemetry && npm run test:pro-parity && npm run test:model-tier-router && npm run test:computer-use-firewall && npm run test:skill-exporter && npm run test:statusline && npm run test:evolution && npm run test:org-dashboard && npm run test:multi-hop-recall && npm run test:synthetic-dpo && npm run test:thumbgate-skill && npm run test:learn-hub && npm run test:feedback-fallback && npm run test:metaclaw && npm run test:server-lock && npm run test:control-tower && npm run test:pii-scanner && npm run test:data-governance && npm run test:lesson-inference && npm run test:semantic-dedup && npm run test:fs-utils && npm run test:cli-schema && npm run test:explore && npm run test:lesson-reranker && npm run test:lesson-retrieval && npm run test:cross-encoder && npm run test:reflector-agent && npm run test:feedback-session && npm run test:feedback-history-distiller && npm run test:hallucination-detector && npm run test:history-distiller && npm run test:predictive-insights && npm run test:prove-predictive-insights && npm run test:statusbar-cli && npm run test:generate-instagram-card && npm run test:instagram-thumbgate-post && npm run test:publish-instagram-thumbgate && npm run test:lesson-synthesis && npm run test:background-governance && npm run test:memory-migration && npm run test:prompt-dlp && npm run test:ephemeral-store && npm run test:agent-security && npm run test:skill-progressive && npm run test:per-step-scoring && npm run test:weekly-auto-post && npm run test:social-post-hourly && npm run test:social-quality-gate && npm run test:a2ui-engine && npm run test:gate-satisfy && npm run test:money-watcher && npm run test:budget && npm run test:quick-start && npm run test:utm && npm run test:product-feedback && npm run test:feedback-root-consolidator && npm run test:engagement-audit && npm run test:install-growth-automation && npm run test:publish-thumbgate-launch && npm run test:reconcile-thumbgate-campaign && npm run test:reddit-publisher && npm run test:schedule-thumbgate-campaign && npm run test:social-reply-monitor && npm run test:sync-launch-assets && npm run test:ai-search-visibility && npm run test:perplexity && npm run test:security-scanner && npm run test:llm-client && npm run test:managed-lesson-agent && npm run test:self-distill && npm run test:meta-agent && npm run test:harness-selector && npm run test:thumbgate-bench && npm run test:seo-guides && npm run test:enforcement-loop && npm run test:cli-agent-experience",
     "test:feedback-fallback": "node --test tests/feedback-fallback.test.js",
     "test:metaclaw": "node --test tests/metaclaw-features.test.js",
     "test:server-lock": "node --test tests/server-stdio-lock.test.js",
@@ -94,6 +242,7 @@
     "test:belief-update": "node --test tests/belief-update.test.js",
     "test:hosted-config": "node --test tests/hosted-config.test.js",
     "test:operational-summary": "node --test tests/operational-summary.test.js",
+    "test:operator-key-auth": "node --test tests/api-operator-key-auth.test.js",
     "test:cloudflare-sandbox": "node --test tests/cloudflare-dynamic-sandbox.test.js tests/cloudflare-sandbox-api.test.js",
     "test:mcp-config": "node --test tests/mcp-config.test.js",
     "test:plan-gate": "node --test tests/plan-gate.test.js",
@@ -132,15 +281,16 @@
     "test:quality": "node --test tests/validate-feedback.test.js",
     "test:intelligence": "node --test tests/intelligence.test.js",
     "test:training-export": "node --test tests/training-export.test.js tests/databricks-export.test.js",
-    "test:deployment": "node --test tests/deployment.test.js tests/deploy-policy.test.js tests/publish-decision.test.js tests/changeset-check.test.js tests/sonarcloud-workflow.test.js",
+    "test:deployment": "node --test tests/deployment.test.js tests/deploy-policy.test.js tests/publish-decision.test.js tests/changeset-check.test.js tests/sonarcloud-workflow.test.js tests/package-boundary.test.js",
     "test:operational-integrity": "node --test tests/operational-integrity.test.js tests/sync-branch-protection.test.js",
-    "test:workflow": "node --test tests/workflow-contract.test.js tests/social-marketing-assets.test.js tests/social-pipeline.test.js tests/positioning-contract.test.js tests/docs-claim-hygiene.test.js tests/workflow-runs.test.js tests/workflow-sprint-intake.test.js tests/gtm-revenue-loop.test.js tests/enterprise-story.test.js tests/ralph-loop.test.js",
+    "test:workflow": "node --test tests/workflow-contract.test.js tests/social-marketing-assets.test.js tests/social-pipeline.test.js tests/positioning-contract.test.js tests/docs-claim-hygiene.test.js tests/workflow-runs.test.js tests/workflow-sprint-intake.test.js tests/gtm-revenue-loop.test.js tests/enterprise-story.test.js tests/ralph-loop.test.js tests/ralph-mode-ci.test.js",
     "test:billing": "node --test tests/billing.test.js",
     "test:cli": "node --test tests/analytics-report.test.js tests/creator-campaigns.test.js tests/cli.test.js tests/codex-bridge-script.test.js tests/dispatch-brief.test.js tests/feedback-normalize.test.js tests/install-mcp.test.js tests/pr-manager.test.js tests/pro-local-dashboard.test.js tests/published-cli.test.js tests/revenue-status.test.js",
     "test:evolution": "node --test tests/workspace-evolver.test.js",
     "test:watcher": "node --test tests/jsonl-watcher.test.js",
     "test:autoresearch": "node --test tests/autoresearch.test.js",
     "test:ops": "node --test tests/adk-consolidator.test.js tests/anthropic-partner-strategy.test.js tests/auto-promote-gates.test.js tests/auto-wire-hooks.test.js tests/claude-skill.test.js tests/codegraph-context.test.js tests/commercial-signals.test.js tests/decision-journal.test.js tests/delegation-runtime.test.js tests/disagreement-mining.test.js tests/failure-diagnostics.test.js tests/gate-stats.test.js tests/github-billing.test.js tests/intervention-policy.test.js tests/markdown-escape.test.js tests/mcp-tools-gates.test.js tests/project-bayes-e2e.test.js tests/project-bayes.test.js tests/rate-limiter.test.js tests/schedule-manager.test.js tests/session-handoff.test.js tests/skill-generator.test.js tests/smart-learning.test.js tests/spike-and-sink.test.js tests/stripe-webhook-route.test.js tests/stripe-webhook-rotation.test.js tests/train-from-feedback.test.js tests/workflow-hardening-sprint.test.js tests/workflow-sentinel.test.js tests/test-suite-parity.test.js tests/a2ui-engine.test.js tests/webhook-delivery.test.js",
+    "test:session-analyzer": "node --test tests/session-analyzer.test.js",
     "test:tessl": "node --test tests/tessl-export.test.js",
     "test:gates": "node --test tests/gate-templates.test.js tests/gates-engine.test.js tests/claim-verification.test.js tests/secret-scanner.test.js tests/prompt-guard.test.js tests/audit-trail.test.js tests/profile-router.test.js tests/workflow-sentinel.test.js tests/docker-sandbox-planner.test.js",
     "test:budget": "node --test tests/budget-enforcer.test.js",
@@ -206,6 +356,7 @@
     "test:data-governance": "node --test tests/data-governance.test.js",
     "test:lesson-inference": "node --test tests/conversation-context.test.js tests/lesson-inference.test.js",
     "test:lesson-retrieval": "node --test tests/lesson-retrieval.test.js",
+    "test:cross-encoder": "node --test tests/cross-encoder-reranker.test.js",
     "test:reflector-agent": "node --test tests/reflector-agent.test.js",
     "test:feedback-session": "node --test tests/feedback-session.test.js",
     "test:feedback-history-distiller": "node --test tests/feedback-history-distiller.test.js",
@@ -269,7 +420,19 @@
     "test:meta-agent": "node --test tests/meta-agent-loop.test.js",
     "test:semantic-dedup": "node --test tests/semantic-dedup.test.js",
     "test:fs-utils": "node --test tests/fs-utils.test.js",
-    "test:harness-selector": "node --test tests/harness-selector.test.js"
+    "test:lesson-reranker": "node --test tests/lesson-reranker.test.js",
+    "test:harness-selector": "node --test tests/harness-selector.test.js",
+    "test:thumbgate-bench": "node --test tests/thumbgate-bench.test.js",
+    "thumbgate:bench": "node scripts/thumbgate-bench.js",
+    "test:perplexity": "node --test tests/perplexity-client.test.js tests/perplexity-command-center.test.js tests/perplexity-adapter.test.js",
+    "perplexity:visibility": "node scripts/perplexity-command-center.js visibility",
+    "perplexity:leads": "node scripts/perplexity-command-center.js leads",
+    "perplexity:brief": "node scripts/perplexity-command-center.js brief",
+    "perplexity:full": "node scripts/perplexity-command-center.js full",
+    "perplexity:mcp-config": "node scripts/perplexity-command-center.js mcp-config",
+    "test:explore": "node --test tests/explore.test.js",
+    "test:cli-schema": "node --test tests/cli-schema.test.js",
+    "test:cli-agent-experience": "node --test tests/cli-agent-experience.test.js"
   },
   "keywords": [
     "mcp",
@@ -324,15 +487,15 @@
     "node": ">=18.18.0"
   },
   "dependencies": {
-    "@anthropic-ai/sdk": "^0.24.0",
-    "@google/genai": "^1.48.0",
+    "@anthropic-ai/sdk": "^0.88.0",
+    "@google/genai": "^1.49.0",
     "@huggingface/transformers": "^4.0.1",
     "@lancedb/lancedb": "^0.27.2",
     "apache-arrow": "^18.1.0",
-    "better-sqlite3": "^12.8.0",
-    "dotenv": "^17.4.1",
+    "better-sqlite3": "^12.9.0",
+    "dotenv": "^17.4.2",
     "playwright-core": "^1.59.1",
-    "stripe": "^22.0.0"
+    "stripe": "^22.0.1"
   },
   "overrides": {
     "express@4.22.1": {
@@ -341,9 +504,9 @@
   },
   "mcpName": "io.github.IgorGanapolsky/thumbgate",
   "devDependencies": {
-    "@changesets/changelog-github": "^0.5.1",
+    "@changesets/changelog-github": "^0.6.0",
     "@changesets/cli": "^2.30.0",
     "c8": "^11.0.0",
-    "undici": "^8.0.2"
+    "undici": "^8.1.0"
   }
 }

package/scripts/audit-trail.js

@@ -12,10 +12,12 @@
 
 const fs = require('fs');
 const path = require('path');
+const crypto = require('crypto');
 const { resolveFeedbackDir } = require('./feedback-paths');
 const { ensureDir } = require('./fs-utils');
 
 const AUDIT_LOG_FILENAME = 'audit-trail.jsonl';
+const GATE_EVENTS_LOG_FILENAME = 'gate-events-log.jsonl';
 
 // ---------------------------------------------------------------------------
 // Paths
@@ -98,27 +100,34 @@ function sanitizeToolInput(toolInput) {
 // ---------------------------------------------------------------------------
 
 /**
- * Converts deny/warn audit events into ThumbGate feedback signal.
- * This is the core OpenShell insight: policy decisions ARE training signal.
+ * Converts deny/warn audit events into a separate gate-events log.
+ *
+ * IMPORTANT: Gate denials are NOT user feedback. Writing them to the main
+ * feedback-log.jsonl inflated user-facing stats ~18x (1,943 synthetic entries
+ * vs ~300 real). Gate events are now logged to gate-events-log.jsonl for
+ * internal analytics only — they never pollute thumbs-up/thumbs-down counts.
  */
 function auditToFeedback(auditRecord) {
   if (auditRecord.decision === 'allow') return null;
 
   try {
-    const feedbackLoop = require('./feedback-loop');
-    const signal = auditRecord.decision === 'deny' ? 'down' : 'down';
-    const context = `Gate "${auditRecord.gateId}" ${auditRecord.decision === 'deny' ? 'blocked' : 'warned'} tool "${auditRecord.toolName}": ${auditRecord.message || 'no message'}`;
-
-    return feedbackLoop.captureFeedback({
-      signal,
-      context,
-      what_went_wrong: `Agent attempted action blocked by policy gate: ${auditRecord.gateId}`,
-      what_to_change: auditRecord.message || 'Follow safety policy before attempting this action',
-      tags: ['audit-trail', 'auto-capture', `gate:${auditRecord.gateId}`, auditRecord.source].filter(Boolean),
-      title: `MISTAKE: Policy violation — ${auditRecord.gateId}`,
-    });
+    const { getFeedbackPaths } = require('./feedback-paths');
+    const { FEEDBACK_DIR } = getFeedbackPaths();
+    const gateLogPath = path.join(FEEDBACK_DIR, GATE_EVENTS_LOG_FILENAME);
+    ensureDir(path.dirname(gateLogPath));
+    const entry = {
+      id: `gate_${crypto.randomUUID()}`,
+      gateId: auditRecord.gateId,
+      decision: auditRecord.decision,
+      toolName: auditRecord.toolName,
+      message: auditRecord.message || null,
+      source: auditRecord.source || null,
+      timestamp: new Date().toISOString(),
+    };
+    fs.appendFileSync(gateLogPath, JSON.stringify(entry) + '\n');
+    return entry;
   } catch {
-    // Feedback capture failure should never break the audit trail
+    // Gate event logging failure should never break the audit trail
     return null;
   }
 }
@@ -316,6 +325,7 @@ module.exports = {
   getAuditLogPath,
   sanitizeToolInput,
   AUDIT_LOG_FILENAME,
+  GATE_EVENTS_LOG_FILENAME,
   CACHE_TUNE_STATE_FILENAME,
 };
 

package/scripts/auto-wire-hooks.js

@@ -94,6 +94,64 @@ function hookAlreadyPresent(hookArray, command) {
   );
 }
 
+/**
+ * pruneStaleFileHooks — Remove hook entries whose command references a shell
+ * script path that no longer exists on disk.
+ *
+ * Only paths that look like file references (contain a `/` or `\`, or end with
+ * `.sh`) are checked.  Pure command strings (node calls, npx invocations, etc.)
+ * are left untouched.
+ *
+ * @param {Array}  hookArray  - The array of hook-entry objects for one lifecycle.
+ * @param {string} [baseDir]  - Directory used to resolve relative paths
+ *                              (defaults to process.cwd()).
+ * @returns {{ hooks: Array, removedPaths: string[] }}
+ */
+function pruneStaleFileHooks(hookArray, baseDir) {
+  if (!Array.isArray(hookArray)) {
+    return { hooks: [], removedPaths: [] };
+  }
+
+  const resolveBase = baseDir || process.cwd();
+  const removedPaths = [];
+
+  const hooks = hookArray.filter((entry) => {
+    const entryHooks = Array.isArray(entry && entry.hooks) ? entry.hooks : [];
+    let shouldRemove = false;
+
+    for (const hook of entryHooks) {
+      const command = hook && typeof hook.command === 'string' ? hook.command : '';
+      if (!command) continue;
+
+      // Extract the first token as the potential script path.
+      const firstToken = command.split(/\s+/)[0];
+
+      // Only treat it as a file reference if it looks like a path.
+      const looksLikePath =
+        firstToken.includes('/') ||
+        firstToken.includes('\\') ||
+        firstToken.endsWith('.sh');
+
+      if (!looksLikePath) continue;
+
+      // Resolve the path (absolute or relative to baseDir).
+      const resolved = path.isAbsolute(firstToken)
+        ? firstToken
+        : path.resolve(resolveBase, firstToken);
+
+      if (!fs.existsSync(resolved)) {
+        removedPaths.push(firstToken);
+        shouldRemove = true;
+        break;
+      }
+    }
+
+    return !shouldRemove;
+  });
+
+  return { hooks, removedPaths };
+}
+
 function pruneLegacyHookEntries(hookArray, expectedCommand, legacyPattern) {
   if (!Array.isArray(hookArray)) {
     return { hooks: [], removed: false };
@@ -131,12 +189,78 @@ function syncClaudeStatusLine(settingsPath, desiredStatusLine, dryRun) {
   return true;
 }
 
+/**
+ * claudeProjectSettingsPath — returns the project-level .claude/settings.json
+ * path relative to the given base directory (defaults to CWD).
+ */
+function claudeProjectSettingsPath(baseDir) {
+  return path.join(baseDir || process.cwd(), '.claude', 'settings.json');
+}
+
+/**
+ * pruneStaleHooksInFile — reads a settings file, removes any hook entries that
+ * reference missing shell script files, and writes the file back if changed.
+ *
+ * @param {string}  filePath - Absolute path to the settings JSON file.
+ * @param {string}  baseDir  - Base directory for resolving relative script paths.
+ * @param {boolean} dryRun   - When true, changes are computed but not persisted.
+ * @returns {{ changed: boolean, removedPaths: string[] }}
+ */
+function pruneStaleHooksInFile(filePath, baseDir, dryRun) {
+  const settings = loadJsonFile(filePath);
+  if (!settings || !settings.hooks || typeof settings.hooks !== 'object') {
+    return { changed: false, removedPaths: [] };
+  }
+
+  const allRemovedPaths = [];
+  let changed = false;
+
+  for (const lifecycle of Object.keys(settings.hooks)) {
+    const { hooks, removedPaths } = pruneStaleFileHooks(settings.hooks[lifecycle], baseDir);
+    if (removedPaths.length > 0) {
+      settings.hooks[lifecycle] = hooks;
+      allRemovedPaths.push(...removedPaths);
+      changed = true;
+    }
+  }
+
+  if (changed && !dryRun) {
+    fs.writeFileSync(filePath, JSON.stringify(settings, null, 2) + '\n');
+  }
+
+  return { changed, removedPaths: allRemovedPaths };
+}
+
 function wireClaudeHooks(options) {
   const settingsPath = options.settingsPath || claudeSettingsPath();
   const sharedSettingsPath = options.sharedSettingsPath || claudeSharedSettingsPath();
+  const projectSettingsPath =
+    options.projectSettingsPath || claudeProjectSettingsPath(options.projectDir);
   const dryRun = options.dryRun || false;
+  const projectDir = options.projectDir || process.cwd();
   const desiredStatusLine = statuslineCommand();
 
+  // --- Step 0: clean up stale hooks from BOTH settings locations ---
+  const staleWarnings = [];
+
+  // User-level: ~/.claude/settings.local.json
+  const userStale = pruneStaleHooksInFile(settingsPath, projectDir, dryRun);
+  for (const p of userStale.removedPaths) {
+    const msg = `Removed stale hook referencing missing file: ${p}`;
+    console.warn(msg);
+    staleWarnings.push({ file: settingsPath, path: p });
+  }
+
+  // Project-level: $CWD/.claude/settings.json (takes precedence for some events)
+  if (fs.existsSync(projectSettingsPath)) {
+    const projStale = pruneStaleHooksInFile(projectSettingsPath, projectDir, dryRun);
+    for (const p of projStale.removedPaths) {
+      const msg = `Removed stale hook referencing missing file: ${p}`;
+      console.warn(msg);
+      staleWarnings.push({ file: projectSettingsPath, path: p });
+    }
+  }
+
   let settings = loadJsonFile(settingsPath) || {};
   settings.hooks = settings.hooks || {};
 
@@ -426,10 +550,13 @@ module.exports = {
   parseFlags,
   claudeSettingsPath,
   claudeSharedSettingsPath,
+  claudeProjectSettingsPath,
   codexConfigPath,
   geminiSettingsPath,
   syncClaudeStatusLine,
   forgeConfigPath,
+  pruneStaleFileHooks,
+  pruneStaleHooksInFile,
   CLAUDE_HOOKS,
   preToolHookCommand,
   userPromptHookCommand,

package/scripts/cli-demo.js

@@ -0,0 +1,102 @@
+#!/usr/bin/env node
+'use strict';
+
+/**
+ * cli-demo.js — simulated walkthrough of the ThumbGate value prop.
+ *
+ * Shows in ~10 seconds:
+ *   1. A mock bad action (force-push)
+ *   2. Giving it a thumbs-down
+ *   3. Lesson created
+ *   4. Next session: gate fires, action blocked
+ *
+ * No actual data is written — this is a pure simulation for onboarding.
+ */
+
+const BD = '\x1b[1m';
+const RST = '\x1b[0m';
+const G = '\x1b[32m';
+const R = '\x1b[31m';
+const C = '\x1b[36m';
+const Y = '\x1b[33m';
+const D = '\x1b[90m';
+
+function sleep(ms) {
+  const end = Date.now() + ms;
+  while (Date.now() < end) { /* spin — no async needed for short delays */ }
+}
+
+function runDemo(options = {}) {
+  const json = options.json || false;
+
+  if (json) {
+    const steps = [
+      { step: 1, event: 'bad_action', description: 'Agent runs: git push --force origin main', result: 'executed', badge: 'ALLOWED' },
+      { step: 2, event: 'thumbs_down', description: 'User gives thumbs-down feedback', signal: 'down', context: 'force-pushed to main, overwrote teammate\'s work' },
+      { step: 3, event: 'lesson_created', description: 'ThumbGate creates a lesson from the feedback', lesson: { id: 'demo-lesson-001', signal: 'negative', context: 'force-pushed to main', whatWentWrong: 'Overwrote teammate\'s commits on main branch', whatToChange: 'Never force-push to protected branches' } },
+      { step: 4, event: 'gate_promoted', description: 'Pattern detected: 2+ failures on force-push → auto-promoted to blocking gate', gate: { id: 'auto-block-force-push', pattern: 'git push --force.*main', action: 'block', occurrences: 2 } },
+      { step: 5, event: 'gate_fires', description: 'Next session: agent tries git push --force origin main', result: 'BLOCKED', reason: 'Auto-promoted gate: force-push to main detected' },
+    ];
+    return { demo: true, steps };
+  }
+
+  const lines = [];
+  const w = (s) => lines.push(s);
+
+  w('');
+  w(`${BD}${C}thumbgate demo${RST} — see ThumbGate in action (simulated)`);
+  w('═'.repeat(60));
+  w('');
+
+  // Step 1: Bad action
+  w(`${BD}Session 1: Agent runs a risky command${RST}`);
+  w(`${D}─────────────────────────────────────${RST}`);
+  w(`  ${D}Agent>${RST} ${BD}git push --force origin main${RST}`);
+  w(`  ${G}[ALLOWED]${RST} — No gates configured yet, action proceeds.`);
+  w(`  ${R}💥 Result: teammate's commits overwritten on main${RST}`);
+  w('');
+
+  // Step 2: Thumbs down
+  w(`${BD}You give feedback:${RST}`);
+  w(`  ${R}👎 thumbs-down${RST} — "force-pushed to main, overwrote teammate's work"`);
+  w('');
+
+  // Step 3: Lesson
+  w(`${BD}ThumbGate captures a lesson:${RST}`);
+  w(`${D}─────────────────────────────────────${RST}`);
+  w(`  ${Y}[LEARNING]${RST} Lesson created`);
+  w(`  Signal      : ${R}negative${RST}`);
+  w(`  Context     : force-pushed to main`);
+  w(`  Root cause  : Overwrote teammate's commits on main branch`);
+  w(`  Corrective  : Never force-push to protected branches`);
+  w(`  Tags        : git, deployment, data-loss`);
+  w('');
+
+  // Step 4: Gate promotion
+  w(`${BD}Pattern detected (2+ similar failures):${RST}`);
+  w(`  ${Y}→${RST} Auto-promoted to ${R}blocking gate${RST}`);
+  w(`  Gate ID     : auto-block-force-push`);
+  w(`  Pattern     : git push --force.*main`);
+  w(`  Action      : ${R}block${RST}`);
+  w('');
+
+  // Step 5: Next session — blocked
+  w(`${BD}Session 2: Agent tries the same command${RST}`);
+  w(`${D}─────────────────────────────────────${RST}`);
+  w(`  ${D}Agent>${RST} ${BD}git push --force origin main${RST}`);
+  w(`  ${R}[BLOCKED]${RST} Gate fired: force-push to main detected`);
+  w(`  ${G}✅ Mistake prevented. Teammate's work is safe.${RST}`);
+  w('');
+
+  w('═'.repeat(60));
+  w(`${BD}That's ThumbGate:${RST} one thumbs-down → permanent protection.`);
+  w('');
+  w(`  Get started: ${C}npx thumbgate init${RST}`);
+  w(`  Capture:     ${C}npx thumbgate capture --feedback=down --context="what failed"${RST}`);
+  w(`  Check gates: ${C}npx thumbgate gate-stats --json${RST}`);
+  w('');
+
+  return lines.join('\n');
+}
+
+module.exports = { runDemo };