Anthropic named the role: the Agent Manager — a hybrid PM/engineer single DRI who owns the Claude Code configuration that every developer in the org actually feels. Without that role, enterprise rollouts stall in phase two; with it, the model improving is no longer the bottleneck. ThumbGate is the pre-action runtime that role needs at the tool-call boundary.
| You own | ThumbGate ships |
|---|---|
| CLAUDE.md hierarchy Keeping the policy that the model reads on every session current and consistent across repos. |
Prevention rules auto-distilled from real 👎 feedback and written into CLAUDE.md by scripts/feedback-to-rules.js. Org-wide rule library on the hosted dashboard. |
| Plugin marketplace Deciding which Claude Code / Cursor / Codex plugins are blessed and which are not. |
ThumbGate ships as a Claude Code plugin, a Cursor extension (Marketplace listing pending Cursor's review since 2026-05-19; runtime install works today via npx thumbgate init --agent cursor), a Codex plugin, and a Gemini CLI hook. One install, every supported agent. Adapter compatibility matrix kept current as runtimes change. |
| Permissions policy What an agent is allowed to execute, against which surfaces, with which evidence required. |
PreToolUse hooks at the tool-call boundary. Each block carries the rule that fired, the evidence that triggered it, and a reason the agent can use to choose a safer plan. No "tell the model to be more careful." |
| Which skills ship The set of in-context skills, prompts, and snippets every developer's agent has access to. |
Skill ship matrix in adapters/* — Claude, Cursor, Codex, Gemini, Amp, Cline, OpenCode. Each adapter is version-pinned and CI-checked against the upstream runtime. |
| Keep them current When Claude Code ships a breaking change to hooks or to the plugin API, your rollout cannot wait a quarter. |
24×7 ops on the adapter matrix. SonarCloud regressions fixed in <24h. The hosted tier is the operator the role does not have to be themselves. |
Every enterprise Claude Code rollout hits the same wall: the model gets better, the setup does not, and nobody owns it. The teams that get past phase one and into actual adoption all turn out to have a single DRI behind CLAUDE.md, the plugin policy, the permissions, and the skill ship list. The teams that do not, stall.
Individual engineers install agents. CLAUDE.md is whatever they wrote. The Agent Manager role is unfilled or shared. ThumbGate enters as the free npx thumbgate init wedge — one repo, one repeated failure, one Pre-Action Check.
Infrastructure is ready; the first wave finds it productive. This is where the Agent Manager becomes a named role. ThumbGate's hosted dashboard, org-wide rule library, and DPO export are what that role uses to keep CLAUDE.md and the permissions policy consistent across repos.
The team becomes the harness. The Agent Manager stops being a bottleneck because the policy enforces itself at the tool-call boundary. ThumbGate's Workflow Hardening Sprint locks down the patterns that earned trust in phase two so the next 10x of engineers do not regress them.
npx thumbgate init in one repo. Captures thumbs-up/down feedback locally; auto-promotes repeated failures into prevention rules.Anthropic named the role. ThumbGate is the runtime that role needs. The free CLI is real, MIT-licensed, and the gates work locally without a hosted account. The paid tier is what we operate so the Agent Manager does not have to.
Start the Workflow Hardening Sprint Or start Pro at $19/mo →