thumbgate 1.5.0 → 1.5.2

package/README.md

@@ -1,22 +1,32 @@
 # ThumbGate
 
-**Stop AI agents before they make costly mistakes.**
+**Your AI coding bill has a leak.**
 
-ThumbGate checks risky commands, file edits, deploys, API calls, and other agent actions before they run. Thumbs-up/down feedback becomes remembered lessons, repeated failures become Pre-Action Gates, and the next bad action gets blocked instead of becoming another cleanup bill.
+**Stop paying $ for the same AI mistake.**
+
+Every retry loop, every hallucinated import, every *"let me try a different approach"* — those are billable tokens on every LLM vendor's bill. Thumbs-down once; ThumbGate blocks that exact mistake on every future call. Across Claude Code, Cursor, Codex, Gemini, Amp, OpenCode — any MCP-compatible agent, forever.
+
+Under the hood: your thumbs-down becomes a **Pre-Action Gate** that physically blocks the pattern **permanently** on every future call — across every session, every model, every agent. It is **self-improving agent governance**: every correction promotes a fresh prevention rule, and your library of Pre-Action Gates grows stronger with every lesson. Works with Claude Code, Cursor, Codex, Gemini CLI, Amp, OpenCode, and any MCP-compatible agent. The monthly Anthropic / OpenAI bill stops paying for the same lesson over and over — local-first enforcement, zero tokens spent on repeats.
+
+> **Prevent expensive AI mistakes. Make AI stop repeating mistakes. Turn a smart assistant into a reliable operator.**
+
+> **Mission:** make AI coding affordable by making sure you never pay for the same mistake twice.
 
 [![CI](https://github.com/IgorGanapolsky/ThumbGate/actions/workflows/ci.yml/badge.svg)](https://github.com/IgorGanapolsky/ThumbGate/actions/workflows/ci.yml)
 [![npm](https://img.shields.io/npm/v/thumbgate)](https://www.npmjs.com/package/thumbgate)
 [![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)
-[![Start Sprint](https://img.shields.io/badge/Workflow%20Hardening%20Sprint-Start%20Intake%20→-16a34a?style=for-the-badge)](https://thumbgate-production.up.railway.app/?utm_source=github&utm_medium=readme&utm_campaign=badge_cta#workflow-sprint-intake)
-[![Open ThumbGate GPT](https://img.shields.io/badge/ChatGPT-Open%20ThumbGate%20GPT-10a37f?style=for-the-badge&logo=openai&logoColor=white)](https://thumbgate-production.up.railway.app/go/gpt?utm_source=github&utm_medium=readme&utm_campaign=badge_cta&cta_id=readme_badge_open_gpt&cta_placement=readme_badge)
 
-**[Workflow Hardening Sprint](https://thumbgate-production.up.railway.app/?utm_source=github&utm_medium=readme&utm_campaign=top_cta#workflow-sprint-intake)** · **[Open ThumbGate GPT](https://thumbgate-production.up.railway.app/go/gpt?utm_source=github&utm_medium=readme&utm_campaign=top_cta&cta_id=readme_open_gpt&cta_placement=readme_top)** · **[ChatGPT Actions setup](adapters/chatgpt/INSTALL.md)** · **[Install Claude Desktop Extension](https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-claude-desktop.mcpb)** · **[Claude Plugin Guide](docs/CLAUDE_DESKTOP_EXTENSION.md)** · **[Install Codex Plugin](https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-codex-plugin.zip)** · **[ThumbGate Bench](docs/THUMBGATE_BENCH.md)** · **[Perplexity Command Center](docs/PERPLEXITY_MAX_COMMAND_CENTER.md)** · **[Live Dashboard](https://thumbgate-production.up.railway.app/dashboard?utm_source=github&utm_medium=readme&utm_campaign=top_cta)** · **[Pro Page](https://thumbgate-production.up.railway.app/pro?utm_source=github&utm_medium=readme&utm_campaign=pro_page)**
+---
 
-**Popular buyer questions:** **[Stop repeated AI agent mistakes](https://thumbgate-production.up.railway.app/guides/stop-repeated-ai-agent-mistakes?utm_source=github&utm_medium=readme&utm_campaign=buyer_questions)** · **[Cursor guardrails](https://thumbgate-production.up.railway.app/guides/cursor-agent-guardrails?utm_source=github&utm_medium=readme&utm_campaign=buyer_questions)** · **[Codex CLI guardrails](https://thumbgate-production.up.railway.app/guides/codex-cli-guardrails?utm_source=github&utm_medium=readme&utm_campaign=buyer_questions)** · **[Gemini CLI memory + enforcement](https://thumbgate-production.up.railway.app/guides/gemini-cli-feedback-memory?utm_source=github&utm_medium=readme&utm_campaign=buyer_questions)**
+## 🎬 90-second demo
+
+Watch the force-push scenario: agent tries to `git push --force`, one thumbs-down, next session it's blocked — zero tokens spent on the repeat.
 
-**Running Claude Desktop?** **[Download Claude bundle](https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-claude-desktop.mcpb)** · **[Install + submission guide](docs/CLAUDE_DESKTOP_EXTENSION.md)** · **[Review packet zip](https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-claude-plugin-review.zip)**
+[**▶ Watch the 90-second demo**](https://thumbgate-production.up.railway.app/#demo?utm_source=github&utm_medium=readme&utm_campaign=demo_video) · [Script](docs/marketing/demo-video-script.md) · [ElevenLabs narration: `npm run demo:voiceover`](scripts/generate-demo-voiceover.js)
 
-**Running Codex?** **[Download the standalone Codex plugin bundle](https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-codex-plugin.zip)** · **[Codex install guide](plugins/codex-profile/INSTALL.md)**
+<!-- Video embed lives on the landing page and YouTube. Script + voiceover automation ship with the repo so anyone can re-record. -->
+
+---
 
 ## First-dollar activation path
 
@@ -29,65 +39,116 @@ If someone is not already bought into ThumbGate, do not lead with architecture.
 
 The buying question is simple: **what repeated AI mistake would be worth blocking before the next tool call?**
 
-## ThumbGate GPT: start here
+---
+
+## The Problem — the bill nobody talks about
 
-**Use ThumbGate in ChatGPT now:** **[Open the live ThumbGate GPT](https://thumbgate-production.up.railway.app/go/gpt?utm_source=github&utm_medium=readme&utm_campaign=gpt_intro&cta_id=readme_intro_open_gpt&cta_placement=readme_intro)**, paste the action your AI agent wants to run, and ask whether to allow, block, or checkpoint it before the mistake becomes expensive.
+Frontier-model calls are not cheap. Sonnet 4.5 is ~$3 / 1M input tokens and ~$15 / 1M output tokens. Opus is 5× that. Every time your agent:
 
-Try this first prompt:
+- hallucinates a function name and you have to correct it,
+- retries the same failing tool call until it gives up,
+- regenerates a 4,000-token plan you already approved last session,
+- repeats a destructive command you blocked manually yesterday,
 
-```text
-Check this agent action before it runs: git push --force --tags
+…you are paying for that round-trip. *Twice if it retries. Three times if you re-prompt.* And the agent has no memory across sessions, so the meter resets every Monday.
+
+```
+Session 1:  Agent force-pushes to main.     You fix it.    +4,200 tokens
+Session 2:  Agent force-pushes again.       You fix it.    +4,200 tokens
+Session 3:  Same mistake. Again.            You lose 45m.  +5,800 tokens
 ```
 
-**No, users do not have to keep chatting inside the ThumbGate GPT to use ThumbGate.** The GPT is the fast demo, guided setup path, and thumbs-up/down memory surface for ChatGPT users. Think of the GPT as advice and checkpointing; the hard enforcement layer still runs where the work happens: your local coding agent, CI workflow, or MCP-compatible runtime after `npx thumbgate init`.
+That's ~$0.21 in tokens just to fix the same mistake three times — multiplied by every developer, every repeated-mistake class, every week. The math gets ugly fast.
+
+## The Solution — fix it once, the bill never sees it again
+
+```
+Session 1:  Agent force-pushes to main.     You 👎 it.       +4,200 tokens
+Session 2:  ⛔ Gate blocks the force-push.  Zero round-trip. +0 tokens
+Session 3+: Never happens again.                              +0 tokens
+```
 
-Developers can import the prepared **[GPT Actions OpenAPI spec](adapters/chatgpt/openapi.yaml)** with the **[ChatGPT Actions setup guide](adapters/chatgpt/INSTALL.md)**. Regular ChatGPT users should just open the GPT and type what happened.
+One thumbs-down. The PreToolUse hook intercepts the call **before** it reaches the model — no input tokens, no output tokens, no retry loop. The dashboard tracks **tokens saved this week** as a live counter so you can see exactly what your prevention rules are worth.
 
-**Official directory pending review?** Claude Code users can install today with `/plugin marketplace add IgorGanapolsky/ThumbGate` then `/plugin install thumbgate@thumbgate-marketplace`.
+ThumbGate doesn't make your agent smarter. It makes your agent *cheaper to be wrong with.*
 
-**Using Perplexity Max?** ThumbGate ships a **[Perplexity Command Center](docs/PERPLEXITY_MAX_COMMAND_CENTER.md)** that runs AI-search visibility checks, Search API lead discovery, Agent API strategy briefs, and official Perplexity MCP config generation. It is scheduled in GitHub Actions and uploads artifacts without committing runtime `.thumbgate` state.
+---
 
-**Need proof that gates improve safety without killing capability?** Run **[ThumbGate Bench](docs/THUMBGATE_BENCH.md)**:
+## Quick Start
 
 ```bash
-npm run thumbgate:bench
+npx thumbgate init       # auto-detects your agent, wires everything
+npx thumbgate capture "Never run DROP on production tables"
 ```
 
-It scores deterministic GitHub, npm, database, Railway, shell, and filesystem scenarios with `unsafeActionRate`, `capabilityRate`, `positivePromotionRate`, and `replayStability` so teams can inspect the Reliability Gateway before a Workflow Hardening Sprint.
+That single command creates a gate rule. Next time any AI agent tries to run `DROP` on production:
+
+```
+⛔ Gate blocked: "Never run DROP on production tables"
+   Pattern: DROP.*production
+   Verdict: BLOCK
+```
 
 ---
 
-## What problem does this solve?
+## Architecture
 
-AI agents repeat expensive mistakes. You fix the same problem in session after session — force-push to main, broken migrations, unauthorized file edits, risky deploys — because the agent has no durable memory of your feedback and no gate before execution.
+ThumbGate operates as a 4-layer enforcement stack between your AI agent and your codebase:
 
-ThumbGate sells three concrete outcomes:
+![ThumbGate Architecture](docs/diagrams/thumbgate_architecture.png)
 
-- **Prevent expensive AI mistakes** — catch bad commands, destructive database actions, unsafe publishes, and risky API calls before they run.
-- **Make AI stop repeating mistakes** — fix it once, turn the lesson into a rule, and block the repeat before the next tool call lands.
-- **Turn AI into a reliable operator** — move from a smart assistant that apologizes after damage to a production-ready operator with checkpoints, proof, and enforcement.
+### Layer 1: Feedback Capture
+Your thumbs-up/down reactions are captured via MCP protocol, CLI, or the ChatGPT GPT surface. Each reaction is stored as a structured lesson with context, timestamp, and severity.
 
-```
-┌─────────────────────────────────────────────────────────────┐
-│                    THE PROBLEM                              │
-│                                                             │
-│  Session 1: Agent breaks something. You fix it.             │
-│  Session 2: Agent breaks it again. You fix it again.        │
-│  Session 3: Same thing. Again.                              │
-│                                                             │
-│                    THE SOLUTION                             │
-│                                                             │
-│  Session 1: Agent breaks something. You 👎 it.              │
-│  Session 2: ⛔ Gate blocks the mistake before it happens.   │
-│  Session 3+: Never see it again.                            │
-└─────────────────────────────────────────────────────────────┘
-```
+### Layer 2: Gate Engine
+The gate engine converts lessons into enforceable rules using pattern matching, semantic similarity (via LanceDB vectors), and Thompson Sampling for adaptive rule selection. Rules are stored locally in `.thumbgate/gates/`.
+
+### Layer 3: Pre-Action Interception
+Before any agent action executes, ThumbGate's `PreToolUse` hook intercepts the command and evaluates it against all active gates. This happens at the MCP protocol level — the agent physically cannot bypass it.
+
+### Layer 4: Multi-Agent Distribution
+Gates are distributed across all connected agents via MCP stdio protocol. One correction in Claude Code protects Cursor, Codex, Gemini CLI, and any MCP-compatible agent.
+
+Prompt engineering still matters, but it is only the starting point. ThumbGate adds prompt evaluation on top: proof lanes, benchmarks, and self-heal checks tell you whether your prompt and workflow actually held up under execution instead of leaving you to guess from vibes.
+
+![Feedback Pipeline](docs/diagrams/feedback_pipeline.png)
+
+![Agent Integration](docs/diagrams/agent_integration.png)
+
+---
+
+## Install for Your Agent
+
+| Agent | Command |
+|-------|---------|
+| **Claude Code** | `npx thumbgate init --agent claude-code` |
+| **Cursor** | `npx thumbgate init --agent cursor` |
+| **Codex** | `npx thumbgate init --agent codex` |
+| **Gemini CLI** | `npx thumbgate init --agent gemini` |
+| **Amp** | `npx thumbgate init --agent amp` |
+| **Claude Desktop** | [Download extension bundle](https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-claude-desktop.mcpb) |
+| **Any MCP agent** | `npx thumbgate serve` |
+
+Works with **Claude Code, Cursor, Codex, Gemini CLI, Amp, OpenCode**, and any MCP-compatible agent.
+
+### Status bar proof
+
+![Claude Code ThumbGate footer](public/assets/claude-thumbgate-statusbar.svg)
+
+![Codex ThumbGate test lane](public/assets/codex-thumbgate-statusbar-test.svg)
 
-ThumbGate is the **Reliability Gateway** for AI coding agents — turning your feedback into **enforced rules**, not suggestions.
+Claude renders the live ThumbGate footer today. `npx thumbgate init --agent codex` now installs the full Codex hook bundle and writes the ThumbGate `statusLine` target into `~/.codex/config.json` so you can test it on your local Codex build immediately.
+
+### Install Codex Plugin
+
+Download the standalone Codex plugin bundle and follow the install guide:
+
+1. Download: [thumbgate-codex-plugin.zip](https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-codex-plugin.zip)
+2. Follow: [plugins/codex-profile/INSTALL.md](plugins/codex-profile/INSTALL.md)
 
 ---
 
-## How It Works in 3 Steps
+## How It Works
 
 ```
   STEP 1              STEP 2                 STEP 3
@@ -102,46 +163,75 @@ ThumbGate is the **Reliability Gateway** for AI coding agents — turning your f
   agent action        reinforced                 (or ✅ allowed)
 ```
 
-That's it. No manual rule-writing. No config files to maintain. Your reactions teach the agent what your team actually wants.
+No manual rule-writing. No config files. Your reactions teach the agent what your team actually wants.
+
+---
+
+ThumbGate sells three concrete outcomes:
+
+- **Prevent expensive AI mistakes** — catch bad commands, destructive database actions, unsafe publishes, and risky API calls before they run.
+- **Make AI stop repeating mistakes** — fix it once, turn the lesson into a rule, and block the repeat before the next tool call lands.
+- **Turn AI into a reliable operator** — move from a smart assistant that apologizes after damage to a production-ready operator with checkpoints, proof, and enforcement.
+- **Measure prompts instead of rewriting them blindly** — use proof lanes, ThumbGate Bench, and `self-heal:check` to evaluate whether prompts and workflows actually improved behavior.
 
 ---
 
-## Before / After
+## Use Cases
+
+- **Stop force-push to main** — Gate blocks `git push --force` on protected branches before it runs
+- **Prevent repeated migration failures** — Each mistake becomes a searchable lesson that fires before the next attempt
+- **Block unauthorized file edits** — Control which files agents can touch with path-based rules
+- **Memory across sessions** — The agent remembers your feedback from yesterday
+- **Shared team safety** — One developer's thumbs-down protects the whole team
+- **Auto-improving without feedback** — Self-improvement mode evaluates outcomes and generates rules automatically
+
+---
+
+## Built-in Gates
 
 ```
-WITHOUT THUMBGATE              │  WITH THUMBGATE
-───────────────────────────────┼───────────────────────────────
-Session 1:                     │  Session 1:
-  Agent force-pushes to main.  │    Agent force-pushes to main.
-  You correct it manually.     │    You 👎 it.
-                               │
-Session 2:                     │  Session 2:
-  Agent force-pushes again.    │    ⛔ Gate blocks force-push.
-  It learned nothing.          │    Agent uses safe push instead.
-                               │
-Session 3:                     │  Session 3+:
-  Same mistake. Again.         │    Permanently fixed.
-  And again.                   │
+⛔ force-push          → blocks git push --force
+⛔ protected-branch    → blocks direct push to main
+⛔ unresolved-threads  → blocks push with open reviews
+⛔ package-lock-reset  → blocks destructive lock edits
+⛔ env-file-edit       → blocks .env secret exposure
+
++ custom gates in config/gates/custom.json
 ```
 
 ---
 
-## The Feedback Loop
+## CLI Reference
 
-```
-┌──────────┐    ┌──────────┐    ┌──────────┐    ┌──────────┐    ┌──────────┐
-│ Capture  │───►│  Learn   │───►│ Remember │───►│   Rule   │───►│   Gate   │
-│          │    │          │    │          │    │          │    │          │
-│ 👍 / 👎  │    │ Feedback │    │ Stored   │    │ Auto-    │    │ Blocks   │
-│          │    │ becomes  │    │ lessons  │    │ generated│    │ bad      │
-│          │    │ a lesson │    │ & search │    │ from     │    │ actions  │
-│          │    │          │    │          │    │ feedback │    │ live     │
-└──────────┘    └──────────┘    └──────────┘    └──────────┘    └──────────┘
+```bash
+npx thumbgate init       # detect agent, wire hooks
+npx thumbgate doctor     # health check
+npx thumbgate capture    # create a gate from text
+npx thumbgate lessons    # see what's been learned
+npx thumbgate explore    # terminal explorer for lessons, gates, stats
+npx thumbgate dashboard  # open local dashboard
+npx thumbgate serve      # start MCP server on stdio
+npx thumbgate bench      # run reliability benchmark
 ```
 
 ---
 
-## Get Started
+## Pricing
+
+| | Free | Pro ($19/mo) | Team ($49/seat/mo) |
+|---|---|---|---|
+| Local CLI + enforced gates | ✅ | ✅ | ✅ |
+| Feedback captures/day | 3 | Unlimited | Unlimited |
+| Prevention rules | 1 | Unlimited | Unlimited |
+| Agent connections | 1 | Unlimited | Unlimited |
+| Personal dashboard | — | ✅ | ✅ |
+| DPO export (model fine-tuning) | — | ✅ | ✅ |
+| Team lesson export/import | — | ✅ | ✅ |
+| Shared hosted lesson DB | — | — | ✅ |
+| Org-wide dashboard | — | — | ✅ |
+| Approval + audit proof | — | — | ✅ |
+
+The free tier gives you 3 feedback captures, 1 rule, and 1 agent — enough to prove the enforcement loop works. Pro is $19/mo or $149/yr for unlimited everything plus a dashboard and history-aware lesson recall. Team is $49/seat/mo with shared hosted lesson DB, org dashboard, and shared enforcement. Pro and Team include open_feedback_session, append_feedback_context, and finalize_feedback_session for structured multi-turn feedback capture.
 
 **Best first paid motion for teams:** the **Workflow Hardening Sprint** — qualify one repeated failure before committing to a full rollout. **[Start intake →](https://thumbgate-production.up.railway.app/?utm_source=github&utm_medium=readme&utm_campaign=team_rollout#workflow-sprint-intake)**
 
@@ -149,223 +239,161 @@ Session 3:                     │  Session 3+:
 
 **Paid path for individual operators:** [ThumbGate Pro](https://thumbgate-production.up.railway.app/pro?utm_source=github&utm_medium=readme&utm_campaign=pro_page) is the self-serve side lane for a personal dashboard and export-ready evidence.
 
-**Plain product line:** GPT preview = advice and checkpointing. Free local CLI (3 daily feedback captures, 5 daily lesson searches) = basic enforcement on one machine. Pro ($19/mo or $149/yr) = personal enforcement proof, dashboard, and exports. Team = shared hosted lesson DB, org dashboard, and shared enforcement so one correction protects every seat.
+**[Start free](https://thumbgate-production.up.railway.app/?utm_source=github&utm_medium=readme)** · **[See Pro](https://thumbgate-production.up.railway.app/pro?utm_source=github&utm_medium=readme)** · **[Team Sprint intake](https://thumbgate-production.up.railway.app/?utm_source=github&utm_medium=readme#workflow-sprint-intake)**
 
 ---
 
-## Quick Start
+## Team Lesson Sharing (Pro + Team)
 
-```bash
-npx thumbgate init    # detects your agent and wires everything up
-npx thumbgate doctor  # health check
-npx thumbgate lessons # see what's been learned
-npx thumbgate explore # terminal explorer for lessons, gates, and stats
-npx thumbgate dashboard # open local dashboard
-```
+One team's hard-won lessons shouldn't stay trapped on one laptop. ThumbGate Pro and Team can export lessons as portable bundles and import them into any other ThumbGate instance — so a mistake caught by Team A becomes a prevention rule for Team B.
 
-Or wire MCP directly: `claude mcp add thumbgate -- npx --yes --package thumbgate thumbgate serve`
-
-Works with **Claude Code, Cursor, Codex, Gemini CLI, Amp, OpenCode**, and any MCP-compatible agent.
-
----
-
-## Install for Your Agent
+**Export lessons from one project:**
 
-### Claude Code
 ```bash
-npx thumbgate init --agent claude-code
+curl -X POST http://localhost:3456/v1/lessons/export \
+  -H "Authorization: Bearer $THUMBGATE_API_KEY" \
+  -H "Content-Type: application/json" \
+  -d '{"outputPath": "./lessons-export.json"}'
 ```
-Wires hooks automatically. Works immediately.
 
-### Cursor
-```bash
-npx thumbgate init --agent cursor
-```
-Installs as a Cursor extension with 4 skills: capture feedback, manage rules, search lessons, recall context.
-
-### Codex
-```bash
-npx thumbgate init --agent codex
-```
-Bridges to Codex CLI with 6 skills including adversarial review and second-pass analysis.
+Filter by signal or tags:
 
-### Gemini CLI
 ```bash
-npx thumbgate init --agent gemini
+curl -X POST http://localhost:3456/v1/lessons/export \
+  -H "Authorization: Bearer $THUMBGATE_API_KEY" \
+  -H "Content-Type: application/json" \
+  -d '{"signal": "down", "tags": ["push-notifications", "ci"]}'
 ```
 
-### Amp
-```bash
-npx thumbgate init --agent amp
-```
+**Import into another team's ThumbGate:**
 
-### Any MCP-Compatible Agent
 ```bash
-npx thumbgate serve
-```
-Starts the MCP server on stdio. Connect from any MCP-compatible client.
-
-### Claude Desktop
-Add to your `claude_desktop_config.json`:
-```json
-{
-  "mcpServers": {
-    "thumbgate": {
-      "command": "npx",
-      "args": ["--yes", "--package", "thumbgate", "thumbgate", "serve"]
-    }
-  }
-}
+curl -X POST http://localhost:3456/v1/lessons/import \
+  -H "Authorization: Bearer $THUMBGATE_API_KEY" \
+  -H "Content-Type: application/json" \
+  -d @lessons-export.json
 ```
-Or [download the packaged extension bundle](https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-claude-desktop.mcpb) and install directly.
 
----
+What happens on import:
+- **Deduplication** — lessons with the same ID or title+signal are skipped
+- **Provenance tracking** — every imported lesson is tagged `team-import` with original source project, export timestamp, and original ID
+- **No overwrite** — import is additive; existing lessons are never modified
 
-## Use Cases
+The export bundle includes full lesson metadata: signal, title, context, tags, failure type, skill, structured rules, and diagnosis. It's the same data you see in the lesson detail dashboard — portable as JSON.
 
-- **Stop force-push to main** — A gate blocks `git push --force` on protected branches before it runs
-- **Prevent repeated migration failures** — Each mistake becomes a searchable lesson that fires before the next attempt
-- **Block unauthorized file edits** — Control which files agents can touch with path-based rules
-- **Memory across sessions** — The agent remembers your feedback from yesterday without any manual rule-writing
-- **Shared team safety** — One developer's thumbs-down protects the whole team from the same mistake
-- **Auto-improving without feedback** — Self-improvement mode evaluates outcomes and generates rules automatically
+**Use cases:**
+- Share enforcement patterns across repos in the same org
+- Onboard a new team with pre-built lessons from a mature project
+- Export lessons before a project handoff so institutional knowledge transfers
+- Feed lessons from multiple teams into a centralized DPO training pipeline
 
 ---
 
-## Feedback Sessions
+## DPO Export for Fine-Tuning (Pro + Team)
 
-Give the agent more context when a thumbs-down isn't enough:
+Every thumbs-up and thumbs-down becomes a training signal. ThumbGate Pro exports your captured feedback as DPO (Direct Preference Optimization) pairs — ready to feed into a LoRA fine-tune so your model stops repeating known mistakes at the weight level, not just the gate level.
 
+**Export DPO pairs:**
+
+```bash
+curl -X POST http://localhost:3456/v1/dpo/export \
+  -H "Authorization: Bearer $THUMBGATE_API_KEY" \
+  -o dpo-pairs.jsonl
 ```
-👎 thumbs down
-  └─► open_feedback_session
-        └─► "you lied about deployment"    (append_feedback_context)
-        └─► "tests were actually failing"  (append_feedback_context)
-        └─► finalize_feedback_session
-              └─► lesson inferred from full conversation
-```
 
-ThumbGate uses up to 8 prior conversation entries to turn vague, history-aware negative signals into specific, actionable lessons. A 60-second follow-up window stays open for additional context via `open_feedback_session` → `append_feedback_context` → `finalize_feedback_session`.
+**What you get:** JSONL where each line is a preference pair:
+- `chosen` — the agent action you thumbed up
+- `rejected` — the action you thumbed down for the same task context
+- `prompt` — the originating user intent
+
+**Use cases:**
+- Fine-tune Llama 3 / Mistral / local models with a LoRA adapter trained on your real mistakes
+- Feed into RLAIF or KTO pipelines (KTO export also available via `/v1/kto/export`)
+- Build a model that natively avoids your team's known failure patterns — no gate at inference time needed
 
-Free and self-hosted users can invoke `search_lessons` directly through MCP, and via the CLI with `npx thumbgate lessons`.
+**Why this matters:** Gates block mistakes. Fine-tuning prevents them from being attempted. Combine both for belt-and-suspenders governance.
 
 ---
 
-## Built-in Gates
+## Tech Stack
 
-```
-┌─────────────────────────────────────────────────────────┐
-│                   ENFORCEMENT LAYER                     │
-│                                                         │
-│  ⛔ force-push          → blocks git push --force       │
-│  ⛔ protected-branch    → blocks direct push to main    │
-│  ⛔ unresolved-threads  → blocks push with open reviews │
-│  ⛔ package-lock-reset  → blocks destructive lock edits │
-│  ⛔ env-file-edit       → blocks .env secret exposure   │
-│                                                         │
-│  + custom gates in config/gates/custom.json             │
-└─────────────────────────────────────────────────────────┘
-```
+| Layer | Technology |
+|-------|-----------|
+| **Storage** | SQLite + FTS5, LanceDB vectors, JSONL logs |
+| **Capture** | 3 feedback capture/day (free), unlimited (Pro) |
+| **Intelligence** | MemAlign dual recall, Thompson Sampling |
+| **Enforcement** | PreToolUse hook engine, Gates config |
+| **Interfaces** | MCP stdio, HTTP API, CLI (Node.js >=18) |
+| **Billing** | Stripe |
+| **Execution** | Railway, Cloudflare Workers, Docker Sandboxes |
+| **Governance** | Workflow Sentinel, control plane, Docker Sandboxes |
+
+Every Changeset is tied to the exact `main` merge commit and generates Verification Evidence for Release Confidence.
 
 ---
 
-## Pricing
+**Popular buyer questions:** **[Stop repeated AI agent mistakes](https://thumbgate-production.up.railway.app/guides/stop-repeated-ai-agent-mistakes?utm_source=github&utm_medium=readme&utm_campaign=buyer_questions)** · **[Cursor guardrails](https://thumbgate-production.up.railway.app/guides/cursor-agent-guardrails?utm_source=github&utm_medium=readme&utm_campaign=buyer_questions)** · **[Codex CLI guardrails](https://thumbgate-production.up.railway.app/guides/codex-cli-guardrails?utm_source=github&utm_medium=readme&utm_campaign=buyer_questions)** · **[Gemini CLI memory + enforcement](https://thumbgate-production.up.railway.app/guides/gemini-cli-feedback-memory?utm_source=github&utm_medium=readme&utm_campaign=buyer_questions)**
 
-```
-┌──────────────────┬──────────────────────────────┬──────────────────────┐
-│   FREE           │  TEAM  $99/seat/mo (min 3)   │  PRO  $19/mo · $149/yr│
-├──────────────────┼──────────────────────────────┼──────────────────────┤
-│ Local CLI        │ Workflow Hardening Sprint     │ Personal dashboard   │
-│ Enforced gates   │ Shared hosted lesson DB       │ Export feedback data │
-│ 3 captures/day   │ Org-wide dashboard            │ Review-ready exports │
-│ 5 searches/day   │ Approval + audit proof        │                      │
-│ Unlimited recall │ Isolated execution guidance   │                      │
-└──────────────────┴──────────────────────────────┴──────────────────────┘
-```
+**[Workflow Hardening Sprint](https://thumbgate-production.up.railway.app/?utm_source=github&utm_medium=readme&utm_campaign=top_cta#workflow-sprint-intake)** · **[Live Dashboard](https://thumbgate-production.up.railway.app/dashboard?utm_source=github&utm_medium=readme&utm_campaign=top_cta)**
 
-**[Start Workflow Hardening Sprint](https://thumbgate-production.up.railway.app/?utm_source=github&utm_medium=readme&utm_campaign=top_cta#workflow-sprint-intake)** · **[Live Dashboard](https://thumbgate-production.up.railway.app/dashboard?utm_source=github&utm_medium=readme&utm_campaign=top_cta)** · **[See Pro](https://thumbgate-production.up.railway.app/pro?utm_source=github&utm_medium=readme&utm_campaign=pro_page)**
+---
+
+## Integrations
 
-**Where to start:**
-- **Teams:** Begin with the Workflow Hardening Sprint — prove one costly repeat failure can be blocked before committing to a full rollout
-- **Solo operators:** ThumbGate Pro adds personal enforcement proof, a gate debugger, and export-ready evidence
-- **Individuals & open source:** Free CLI tier, self-hosted, with local Pre-Action Gates after install
+- **[Open ThumbGate GPT](https://thumbgate-production.up.railway.app/go/gpt?utm_source=github&utm_medium=readme&utm_campaign=readme_gpt)** — ThumbGate GPT: start here. Paste agent actions, get advice + checkpointing. No, users do not have to keep chatting inside the ThumbGate GPT to use ThumbGate — the hard enforcement layer still runs where the work happens.
+- **[Claude Desktop Extension](https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-claude-desktop.mcpb)** — One-click install for Claude Desktop
+- **[Codex Plugin](https://github.com/IgorGanapolsky/ThumbGate/releases/latest/download/thumbgate-codex-plugin.zip)** — Standalone bundle for Codex CLI
+- **[Perplexity Command Center](docs/PERPLEXITY_MAX_COMMAND_CENTER.md)** — AI-search visibility + lead discovery
+- **[ThumbGate Bench](docs/THUMBGATE_BENCH.md)** — Reliability benchmark for gate evaluation
+- **[Manus AI Skill](skills/thumbgate/SKILL.md)** — ThumbGate integration for Manus AI agents
 
 ---
 
-## Tech Stack
+## Feedback Sessions
+
+Give the agent more context when a thumbs-down isn't enough:
 
 ```
-┌──────────────────────┬──────────────────────┬──────────────────────┐
-│   STORAGE            │   INTELLIGENCE        │   ENFORCEMENT        │
-│                      │                       │                      │
-│ SQLite + FTS5        │ MemAlign dual recall  │ PreToolUse hook      │
-│ LanceDB vectors      │ Thompson Sampling     │ engine               │
-│ JSONL logs           │ (adaptive lesson      │ Gates config         │
-│ File-based context   │  selection)           │ Hook wiring          │
-│                      │                       │                      │
-│                      │                       │                      │
-├──────────────────────┼──────────────────────┼──────────────────────┤
-│   INTERFACES         │   BILLING             │   EXECUTION          │
-│                      │                       │                      │
-│ MCP stdio            │ Stripe                │ Railway              │
-│ HTTP API             │                       │ Cloudflare Workers   │
-│ CLI                  │                       │ Docker Sandboxes     │
-│ Node.js >=18         │                       │                      │
-└──────────────────────┴──────────────────────┴──────────────────────┘
+👎 thumbs down
+  └─► open_feedback_session
+        └─► "you lied about deployment"    (append_feedback_context)
+        └─► "tests were actually failing"  (append_feedback_context)
+        └─► finalize_feedback_session
+              └─► lesson inferred from full conversation
 ```
 
+Free and self-hosted users can invoke `search_lessons` directly through MCP, and via the CLI with `npx thumbgate lessons`. History-aware feedback sessions give the agent full context for each lesson.
+
 ---
 
 ## FAQ
 
 **Is ThumbGate a model fine-tuning tool?**
-No. ThumbGate does not update model weights in frontier LLMs. It captures your feedback, stores lessons, injects context at runtime, and blocks bad actions before they execute.
+No. ThumbGate does not update model weights. It captures feedback, stores lessons, injects context at runtime, and blocks bad actions before they execute.
 
 **How is this different from CLAUDE.md or .cursorrules?**
 Those are suggestions the agent can ignore. ThumbGate gates are enforced — they physically block the action before it runs. They also auto-generate from feedback instead of requiring manual writing.
 
 **Does it work with my agent?**
-Yes. It's MCP-compatible and works with Claude Code, Claude Desktop, Cursor, Codex, Gemini CLI, Amp, OpenCode, and any agent that supports MCP or pre-action hooks.
-
-**What's self-improvement mode?**
-ThumbGate can watch for failure signals (test failures, reverted edits, error patterns) and auto-generate prevention rules — no thumbs-down required. Your agent gets smarter every session.
+If it supports MCP or pre-action hooks, yes. Claude Code, Claude Desktop, Cursor, Codex, Gemini CLI, Amp, OpenCode all work out of the box.
 
 **Is it free?**
-Free tier: **3 daily feedback captures**, **5 daily lesson searches**, unlimited recall, enforced gates. History-aware distillation turns vague feedback into specific lessons. Pro is $19/mo or $149/yr for a personal dashboard and exports. Team rollout starts at $99/seat/mo (3-seat minimum) with shared hosted lesson DB, org dashboard, approval + audit proof, and isolated execution guidance.
-
----
-
-## Enterprise Story
-
-ThumbGate is the control plane for AI coding agents:
-
-- Feedback becomes enforcement — repeated failures stop at the gate instead of reappearing in review.
-- **Workflow Sentinel** scores blast radius before execution, so risky PR, release, and publish flows are visible early.
-- High-risk local actions route into **Docker Sandboxes**; hosted team automations use a signed isolated sandbox lane.
-- Team rollout stays tied to [Verification Evidence](docs/VERIFICATION_EVIDENCE.md) instead of trust-me operator claims.
-
-## Release Confidence
-
-- Every PR must carry a **Changeset** entry — each shipped version has a customer-readable explanation before publish.
-- Version-sync checks keep `package.json`, `CHANGELOG.md`, plugin manifests, and installer metadata aligned.
-- Final close-out requires verifying the exact `main` merge commit, with proof anchored in [Verification Evidence](docs/VERIFICATION_EVIDENCE.md).
-
-See [Release Confidence](docs/RELEASE_CONFIDENCE.md) for the full trust chain.
+The free tier gives you 3 captures/day, 1 rule, and 1 agent — enough to prove the enforcement loop works. Pro is $19/mo or $149/yr for unlimited everything plus a dashboard. Team is $49/seat/mo with shared hosted lesson DB, org dashboard, and shared enforcement.
 
 ---
 
 ## Docs
 
-- [Commercial Truth](docs/COMMERCIAL_TRUTH.md) — pricing, claims, what we don't say
-- [Changeset Strategy](docs/CHANGESET_STRATEGY.md) — how release notes and version bumps are enforced
 - [First Dollar Playbook](docs/FIRST_DOLLAR_PLAYBOOK.md) — turning one painful workflow into the next booked pilot
-- [Release Confidence](docs/RELEASE_CONFIDENCE.md) — how changesets, version checks, and proof lanes make publishes inspectable
-- [SemVer Policy](docs/SEMVER_POLICY.md) — stable vs prerelease channel rules
+- [Commercial Truth](docs/COMMERCIAL_TRUTH.md) — pricing, claims, what we don't say
+- [Changeset Strategy](docs/CHANGESET_STRATEGY.md) — release notes and version bump enforcement
+- [Release Confidence](docs/RELEASE_CONFIDENCE.md) — changesets, version checks, proof lanes
 - [Verification Evidence](docs/VERIFICATION_EVIDENCE.md) — proof artifacts
-- [WORKFLOW.md](WORKFLOW.md) — agent-run contract (scope, hard stops, proof commands)
-- [Ready-for-agent issue template](.github/ISSUE_TEMPLATE/ready-for-agent.yml) — intake for agent tasks
-
-Pro overlay: [`thumbgate-pro`](https://github.com/IgorGanapolsky/thumbgate-pro) — separate repo/package inheriting from this base.
+- [Claude Desktop Extension Guide](docs/CLAUDE_DESKTOP_EXTENSION.md)
+- [Agent Workflow Contract](WORKFLOW.md) — the agent-run contract for all ThumbGate operations
+- [Ready for Agent Intake](https://github.com/IgorGanapolsky/ThumbGate/issues/new?template=ready-for-agent.yml) — ready-for-agent intake template
+- [SEO Guide: Claude Code Guardrails](docs/learn/claude-code-guardrails.md)
+- [Pro Overlay Repository](https://github.com/IgorGanapolsky/thumbgate-pro) — paid overlay code in the separate `thumbgate-pro` repo/package
 
 ---