What is ThumbGate for AI agents?

ThumbGate is a CLI-first agent governance system for AI coding workflows. It captures thumbs-up/down signals, generates prevention rules from repeated failures, blocks dangerous tool calls before execution, and helps teams carry approval boundaries, proof, and isolated execution into rollout.

How does ThumbGate handle feedback-to-enforcement pipelines?

It implements an npm package 'thumbgate' that captures thumbs-up/down signals locally, stores reusable lessons, and automates generation of prevention rules so repeated agent failures become shared enforcement instead of repeated review churn.

Is ThumbGate compatible with local AI agent setups?

Yes, it's designed as local-first, running via npm without cloud dependencies. It integrates with MCP servers for reusable memories, prompts, workflow governance, and isolated execution guidance for risky local runs.

How does ThumbGate reduce host blast radius for high-risk runs?

ThumbGate combines pre-action checks with execution guidance. Workflow Sentinel predicts risky local actions before they execute, and those runs can be routed into Docker Sandboxes instead of running directly on the host. Team workflows also have a signed hosted sandbox lane for isolated automation dispatch.

What is Reliability Studio Compare and Deploy?

Reliability Studio is the buyer-facing workflow for importing workflow evidence, comparing the baseline agent run against the hardened run, and deploying the resulting rule pack and proof links without requiring model fine-tuning.

What does the Workflow Hardening Fit Checker do?

It qualifies whether a workflow is a better fit for the Workflow Hardening Sprint, Team rollout, Solo Pro, or the free OSS path by checking for a repeated blocker, a workflow owner, proof requirements, rollout stage, and cross-machine sync needs.

When should I choose the Workflow Hardening Sprint instead of Solo Pro?

Choose the Workflow Hardening Sprint when one workflow already matters, one owner can carry rollout, and a repeated blocker needs proof before a wider team launch. Choose Solo Pro only after a real blocked repeat when one operator wants the personal dashboard, export-ready evidence, and more capture depth without the team rollout motion.

Can I install ThumbGate as a Claude Desktop extension?

Yes. The local Claude install path is available now via npm, and the repo ships Claude-specific plugin metadata, privacy policy links, support docs, and a submission packet. Directory inclusion depends on Anthropic review and should not be claimed before approval.

Workflow Hardening Sprint for engineering teams

Make one AI coding workflow safe enough to ship team-wide.

ThumbGate is a CLI-first control plane for AI coding workflows. It captures thumbs-up/down signals from every run, converts repeated failures into prevention rules, and checks dangerous actions before they cause damage.

The business story is enterprise-first: use the Workflow Hardening Sprint to prove one blocker, one owner, and one proof review before a wider rollout. The local CLI stays free as the adoption wedge, while Pro remains the solo side lane.

North Star: one workflow live and auditable Primary buying motion: Workflow Hardening Sprint Versioned proof: v__PACKAGE_VERSION__ Hosted onboarding at https://thumbgate-production.up.railway.app

Start Workflow Hardening Sprint Run fit checker Install Free CLI Current commercial truth View hosted demo

Early-stage product. Engineering proof is real, but GitHub stars, npm downloads, and solo-maintainer activity are not customer proof.

The public commercial motion starts with the Workflow Hardening Sprint, then expands into Team at $49/seat/mo with a 3-seat minimum after qualification. Pro at $19/mo or $149/yr stays available for solo operators who want a personal dashboard.

Why teams evaluate it, not just install it

Most teams can use the OSS package first. The CLI is the wedge. Paid rollout starts when one workflow needs to survive handoffs, approvals, isolated execution boundaries, and multiple operators instead of living in scattered local files.

Give every licensed operator a personal local dashboard without extra setup friction.
Run the same workflow with shared memory, prevention rules, and optional hosted keys when the team actually needs them.
Route the riskiest local autonomy into Docker Sandboxes or the hosted sandbox lane before it touches shared workflow state.
Link rollout decisions to verification evidence instead of gut feel.

Best fit RevOps, growth, platform, and engineering leaders accountable for one workflow outcome.

Daily users Operators and agent runners executing intake, drafting, approval, and sync steps every day.

Best First Workflow Lead-to-meeting with intake, enrichment, drafting, approval, CRM sync, and auditability.

What is public today OSS remains free with 5 built-in checks. Team starts intake-first via the Workflow Hardening Sprint. Pro is the solo side lane for a personal local dashboard and exports.

Check in action

See what gets blocked. See what gets through.

ThumbGate intercepts agent tool calls before execution. Blocked operations never run. Passing operations leave an auditable trace.

Terminal

[check] ⛔ Blocked: git push --force main
                   rule: no-force-push • severity: critical • action: abort
[check] ✅ Passed:  npm test && git push origin feature-branch
                   rule: test-before-push • evidence: logged

Action query

Workflow Hardening Fit Checker

Use the same AI-search filter that matters commercially: can AI fully satisfy this query without a click? For workflow hardening, the answer is no. The buyer still has to qualify blocker, owner, proof need, and sync scope.

What the checker evaluates

Whether the workflow is already running, in pilot, or still exploratory.
Whether there is a repeated blocker instead of a one-off annoyance.
Whether one workflow owner can actually carry the rollout.
Whether the buyer needs proof, auditability, or cross-machine consistency.

How it routes the buyer

Sprint: repeated blocker, one owner, and proof needed before wider rollout.
Team: the workflow already proved value and now needs shared memory, synced rules, approvals, and auditability across operators.
Solo Pro: one operator wants a personal dashboard and export-ready evidence without the team rollout motion.
Free OSS: the workflow is still educational or too early for a paid path.

Run the hosted fit checker and use the result to decide whether to sell the Sprint, expand into Team, point to Solo Pro, or keep the user on the OSS path first.

Qualification aid only. It does not claim measured savings, buyer validation, or conversion evidence.

Next step

Choose the buying path that matches the workflow you already have.

ThumbGate does not ask buyers to guess. The path depends on whether there is a repeated blocker, one workflow owner, and a need for proof before wider rollout.

Workflow Hardening Sprint

Use this path when one workflow already matters, one owner can carry it, and one repeated blocker needs proof before the team rolls it out wider.

Best for approvals, rollback risk, review churn, or fragile handoffs.
Start with one workflow, one owner, and one proof review.
Use commercial truth and verification evidence after the buyer confirms pain.

Start Workflow Hardening Sprint intake

Solo Pro

Use this path only after one operator hits a real blocked repeat and wants the personal dashboard, export-ready evidence, and deeper capture without the team rollout motion.

Best for one operator evaluating the self-serve lane first.
Install the guide, validate the local path, then move to checkout.
Keep Sprint as the escalation path when the blocker is bigger than one seat.

See Solo Pro checkout

Free OSS

Use this path when the workflow is still exploratory, educational, or too early for a paid motion. Install the local CLI, capture one lesson, and prove the workflow deserves more.

Best for first install, early experiments, and solo evaluation.
Use the hosted fit checker once a real blocker appears.
Move to Solo Pro or Sprint only when the workflow earns it.

Install the free CLI

Routing language is aligned with COMMERCIAL_TRUTH.md, FIRST_DOLLAR_PLAYBOOK.md, and the hosted fit checker. It is offer guidance, not proof of buyer conversion.

Distribution

ChatGPT GPT Actions path: the public front door for ThumbGate.

ThumbGate's ChatGPT lane is a Custom GPT plus Actions, not an old ChatGPT plugin. Users can open the published GPT to check proposed AI actions, save thumbs-up/down lessons, and get setup help before installing anything. They do not have to keep chatting inside the GPT for enforcement: real blocking for coding agents still runs locally through ThumbGate hooks after npx thumbgate init. Developers can import the same OpenAPI Actions spec into their own GPT and point it at the hosted API.

Find the GPT

Open the ThumbGate GPT directly. If it does not open for your account, choose Explore GPTs, search ThumbGate, and select the GPT by Igor Ganapolsky in Programming.

Rate the answer

Use chat replies like 👎 this was too vague. Next time give exact steps. or 👍 this format worked. Remember it.

Recall and reinforce

ThumbGate captures feedback into lessons, searches them before later answers, turns repeated failures into prevention rules, and reuses positive examples as answer preferences.

Developer Actions path

Use adapters/chatgpt/openapi.yaml or import https://thumbgate-production.up.railway.app/openapi.yaml into GPT Builder Actions.

Direct GPT URL: chatgpt.com/g/g-69dcfd1cd5f881918ae31874631d6f08-thumbgate

Open ThumbGate GPT • ChatGPT install guide • OpenAPI Actions spec • GPT Store submission packet • Privacy policy

Distribution

Claude Desktop extension path: install now, submit cleanly, market honestly.

Claude Desktop is a real discovery surface for Claude-first buyers. This repo already carries the local install path, a buildable `.mcpb`, Claude plugin metadata, privacy policy, support links, and proof-backed docs needed to market the extension lane without pretending approval already happened.

Install locally today

Use the portable npm launcher in Claude Desktop immediately instead of waiting on a directory decision.

claude mcp add thumbgate -- npx --yes --package thumbgate thumbgate serve

Carry the trust layer

Point reviewers to the public privacy policy, security policy, and verification evidence before you widen distribution.

Build, then pitch honestly

Use npm run build:claude-mcpb plus the review-ready source zip to package the real bundle, then market Claude workflow hardening, Pre-Action Checks, and proof-backed reliability without claiming approval before it exists.

Official directory review is separate. Claude Code users can install now with /plugin marketplace add IgorGanapolsky/ThumbGate and /plugin install thumbgate@thumbgate-marketplace.

Claude extension guide • Submission packet • Bundle download • Review packet zip • Privacy policy

What changes

Sell the workflow outcome. Use ThumbGate as the control layer behind it.

The hero is still the workflow outcome. ThumbGate is the control plane that makes the workflow safe to roll out across a team with policy, proof, and isolated execution for the riskiest steps.

Shared memory

Local-only feedback logs are useful for one operator. Teams pay when those learnings need to survive handoffs, shifts, and multiple agent surfaces.

Hosted guardrails

Provisioned API keys, usage metering, and centralized prevention rules let you run the same workflow across repos and operators without duct tape.

Isolated execution

Workflow Sentinel can route the riskiest local autonomy toward Docker Sandboxes, while hosted team automations use a signed sandbox dispatch lane instead of running directly on the host.

Proof-ready runs

Verification evidence, machine-readable endpoints, and auditable funnel events make it easier to prove the workflow is actually improving.

How the first paid wedge works

Choose one workflow. Lead intake, enrichment, drafting, approval, CRM sync.
Run through ThumbGate. Every step can capture feedback and produce evidence.
Use the feedback loop. Repeat failures become prevention rules instead of recurring incidents.
Roll out team-wide. Shared API keys and hosted memory remove the single-laptop bottleneck.

North Star

One workflow is live, bought by a team, and backed by proof links that survive handoffs.

One workflow outcome is clearly defined and in production.
Every rollout step can point to verification evidence.
Repeat mistakes turn into prevention rules instead of recurring incidents.
More than one operator can run the same system without local-only knowledge.

Reliability Studio

Import workflow evidence, compare the baseline, deploy the rule pack.

Make the product legible to buyers. Reliability Studio explains how PR threads, CI logs, runbooks, JSONL, and CSV inputs become a hardened workflow with proof links and deployable rules. No model fine-tuning required.

Import

Use the workflow artifacts you already have: PR review threads, CI logs, runbooks, JSONL, and CSV. These become candidate memories, checks, and approval boundaries.

Compare

Show the before and after state for one workflow: fewer late review loops, stronger proof surfaces, and less tribal operator drift.

Deploy

Ship a shared rule pack for Claude Code, Codex, Gemini, and Amp, then attach the verification evidence and machine-readable reports buyers can inspect.

Product walkthrough only. This section describes the Compare and Deploy flow; it does not claim live customer telemetry or ROI proof.

Buyer Translation

What buyers worry about, what ThumbGate changes, and where the proof lives.

Use this language in deals, workshops, and AI-search content. It translates product mechanics into buyer concerns and proof surfaces.

Buyer Concern	What ThumbGate Changes	Proof Surface
Can one workflow survive handoffs?	Hosted API keys, shared memory, and prevention rules replace single-laptop tribal knowledge.	Verification evidence, auditable runs, and machine-readable reports.
Can we trust the rollout?	ThumbGate adds hosted guardrails and explicit feedback handling so drift is visible instead of hidden.	Proof-ready runs plus versioned verification artifacts.
How do we limit host blast radius?	Workflow Sentinel predicts risky local actions and can route them into Docker Sandboxes or the hosted sandbox lane before shared systems are exposed.	Sentinel reports, sandbox routing plans, and versioned proof artifacts.
Why not stay on the OSS package?	OSS is great for a single builder. ThumbGate is for a team that needs one workflow to run consistently.	Hosted onboarding, shared state, and team-safe workflow execution.

FAQ

Answer the buyer questions before they stall the deal.

Visible FAQ content keeps the landing page aligned with the JSON-LD schema and makes the pitch easier to quote in AI search.

Who should buy ThumbGate?

Teams running agentic workflows who need hosted API keys, shared memory, and auditable runs without self-hosting the feedback and guardrail layer.

Who uses it every day?

Operators and agent runners doing lead intake, research, drafting, approvals, and sync steps inside the workflow.

What is the best first workflow?

Lead-to-meeting is the clearest wedge because the value chain is easy to explain: intake, enrichment, drafting, approval, CRM sync, and auditability.

What does ThumbGate prove?

It proves what changed, what passed, how the workflow is being controlled, and which versioned release evidence justifies rollout decisions.

Proof Surface

Publish the authority evidence where buyers and AI systems can inspect it.

The public proof surface should be explicit. These links anchor claims to human-readable verification evidence and machine-readable reports.

Verification evidence

Command history, observed results, and report paths for product and workflow claims.

Open VERIFICATION_EVIDENCE.md

Release confidence

Changesets, SemVer, version-sync checks, and exact-main verification make package publishes inspectable before the next rollout.

Open docs/RELEASE_CONFIDENCE.md

Compatibility proof JSON

Machine-readable adapter and API compatibility evidence for AI runtimes.

Open proof/compatibility/report.json

Automation proof JSON

Machine-readable automation evidence for rubric checks, prevention rules, and workflow checks.

Open proof/automation/report.json

ThumbGate Bench

Deterministic safety/capability benchmark covering GitHub, npm, database, Railway, shell, and filesystem scenarios.

Open docs/THUMBGATE_BENCH.md

Who is this for?

Three people who stop wasting time on avoidable agent mistakes.

ThumbGate fits wherever an AI coding agent runs unsupervised and where repeated failures are costing real time.

Solo dev using Claude Code or Cursor

You run AI agents all day. Sometimes they force-push to main, skip tests, or repeat a mistake you fixed last week. ThumbGate captures the lesson and enforces it automatically — no manual rules to write.

Free tier. Everything you need, no limits that matter.

Team lead managing multiple agents

Your team runs different agents across different repos. Rules learned in one repo need to apply everywhere. ThumbGate Team carries shared enforcement, approvals, and proof so one bad pattern cannot surface in two different repos on the same day.

Workflow Hardening Sprint, then Team. Start with one blocker, one workflow owner, and one proof review.

Engineering manager wanting CI integration

You want agent failures to feed back into the pipeline automatically — not live in someone's local notes. ThumbGate's CI webhook auto-ingest and machine-readable proof reports make agent reliability auditable without extra tooling.

Team tier. Shared rollout proof, CI integration, and approval boundaries for engineering workflows.

Pricing

Install free. Buy with the Workflow Hardening Sprint. Keep Pro as the solo side lane.

The OSS core is free and always will be. Team rollout stays intake-first at $49/seat/mo with a 3-seat minimum after qualification. Pro is $19/mo or $149/yr for individual operators.

Free

CLI-first local enforcement for a solo developer proving the need.

$0 / forever

Unlimited feedback captures
Up to 5 active auto-promoted prevention rules
5 built-in checks
No recall or lesson search
No DPO/KTO export

Use the open-source package

Primary motion

Team

$49 / seat / mo

Start with one workflow, one owner, and one repeated blocker. Expand into shared governance after proof.

Workflow Hardening Sprint intake
Shared enforcement memory
Team lesson export/import — one team's lessons become every team's checks
Approval boundaries and audit trail
Org dashboard and proof-ready exports
Isolated execution guidance for risky autonomy

Start Workflow Hardening Sprint

How it works

Qualify one workflow and one repeated blocker
Run the Workflow Hardening Sprint
Attach proof and verification evidence
Expand into Team seats when shared rollout is justified

Solo Pro

$19 / mo

Self-serve side lane for one operator who wants a personal local dashboard and exports.

Personal local dashboard on localhost
DPO export and proof-ready data
Lesson export/import for cross-project sharing
Unlimited custom checks
Priority support

See Solo Pro

Need shared workflows? Start with the sprint. Need a personal dashboard only? Solo Pro stays available.