__GOOGLE_SITE_VERIFICATION_META__
Claude Code, Cursor, Codex, Gemini CLI, Amp, Cline, OpenCode, and MCP tools can touch terminals, repos, databases, SaaS APIs, and cloud systems. After a configured agent proposes a tool call, ThumbGate evaluates it before execution and records the decision. The default policy denies detected secret exfiltration plus commands that kill the ThumbGate gate process or enable its bypass environment variable; other matched high-risk classes such as destructive deletes, force-pushes, and fetch-and-run commands warn by default. Strict mode turns matching warning-mode checks into denies. The beachhead buyer is an enterprise engineering, security, or platform team that needs governed AI-agent execution before agents touch regulated or high-blast-radius workflows.
Money path today: Workflow Hardening Diagnostic ($__SPRINT_DIAGNOSTIC_PRICE_DOLLARS__) or Sprint ($__WORKFLOW_SPRINT_PRICE_DOLLARS__) for one repeated agent failure. Pro stays the solo self-serve lane. Prefer scoping first? Send workflow first.
One workflow. One repeated failure. Paid diagnostic or sprint with Stripe โ credit applies when you continue to implementation.
Pay $__SPRINT_DIAGNOSTIC_PRICE_DOLLARS__ diagnostic โ Pay $__WORKFLOW_SPRINT_PRICE_DOLLARS__ sprint โUnlimited rules, recall, proof, exports after one real caught repeat.
Pay $19/mo with Stripe โ2 captures/day, 3 active rules. Or send the workflow if you need fit review before paying.
Send workflow first โ“A better dashboard doesn’t make the agents more reliable. The hard part isn’t visibility. It’s trust.”
Local-first is the new default
Perplexity demoed a Personal Computer agent at Computex 2026 that asks the user before sending sensitive content to the cloud. Automation Anywhere shipped EnterpriseClaw with Cisco, NVIDIA, Okta, and OpenAI โ central policy, locally enforced, audit reported back. The architectural debate is settled. ThumbGate runs the same pattern for the coding agent already on your laptop.
Install ThumbGate, capture concrete feedback, and let the configured PreToolUse hook flag a matching action before execution. Upgrade only when you need higher limits, recall, a personal dashboard, or exports.
Run npx thumbgate init in your repo. Claude, Cursor, Codex, Gemini, Amp, Cline, and OpenCode are supported through local hook or MCP-compatible setup paths.
Use thumbs up for a good pattern and thumbs down with concrete context for a failure. Accepted feedback becomes a local lesson; recurring failures can be promoted into prevention rules.
A matching tool call is evaluated and recorded before execution, with a reason the agent can use to choose a safer plan. Detected secret exfiltration and commands that kill the gate process or enable its bypass variable are denied by default; strict mode also denies matching warning-mode checks.
For consultancies, platform teams, and AI product teams that want workflow governance, CLI-first rollout, and a reliable operator.
Have one AI-agent failure that keeps repeating? Start with one real workflow, one repeated failure pattern, enforceable pre-action gates, and a short audit trail your team can keep.
Prove one evaluated repeat before asking anyone to buy. Give thumbs up when the agent follows your standards and a concrete thumbs down when it misses. Upgrade when the individual operator needs higher limits, recall, a personal dashboard, or exports.
Workflow governance for isolated execution: ThumbGate pairs policy checks with Docker Sandboxes, signed hosted sandbox dispatch, Changeset evidence, and exact main-branch merge commit verification before release claims ship.
You can โ on one machine, for one agent, until the next breaking change. ThumbGate is that idea, maintained: accepted feedback becomes local lessons, recurring failures can become explicit rules, and those rules can be reused by supported agents configured against the same local install scope. Claude Code, Cursor, Codex, Gemini, Amp, Cline, and OpenCode each require their documented integration setup. Hand-written hooks do not automatically provide ThumbGate's lesson store, rule promotion, local decision records, or adapter tests.
The high-ROI buyer story is not another chatbot memory claim. June 2026 coverage is pushing the same pattern from multiple directions: tool lockdown, MCP security, managed agents, context budgets, and agent-authored production code all need pre-action governance at the execution boundary.
As MCP servers and hosted tools spread, the failure mode is no longer just a bad answer. It is an agent calling the wrong tool with real developer permissions. ThumbGate provides a local allow, warn, or deny decision before a configured tool call executes.
Managed background agents can multiply output, but every extra autonomous run needs evidence, rollback boundaries, and approval rules. ThumbGate records why a configured pre-action check allowed, warned on, or denied a proposed action.
Long-context agents are expensive when they repeatedly reload irrelevant history. ThumbGate keeps paid value above the free wedge with recall, search, context gating, and proof exports instead of dumping everything into every prompt.
When teams claim most new production code is AI-authored, the real enterprise question becomes auditability. ThumbGate can promote accepted recurring corrections into prevention rules and retain the local gate evidence available to reviewers.
The market is converging on agentic development as a control loop, not a code-generation trick. The New Stack's May 2026 AC/DC framing names the core stages: Guide, Generate, Verify, and Solve. ThumbGate gives that loop a hard pre-action boundary so agent work is governed before it touches files, terminals, CI, payments, or production systems.
Rules, standards, past thumbs-downs, workflow boundaries, and approval policies are loaded as concrete operating context instead of vague prompt advice.
Claude Code, Cursor, Codex, Gemini, Amp, Cline, OpenCode, and MCP-compatible agents keep generating plans, edits, and tool calls.
Pre-Action Checks can require inspection evidence, tests, CI, screenshots, API responses, or human approval for configured high-risk actions.
Accepted feedback can become local lessons and recurring failures can become rules. Pro operators can export DPO data and lesson bundles for separately reviewed reuse.
Verification after a pull request is useful, but it is too late for force-pushes, destructive SQL, unsafe deploys, leaked secrets, and costly external API calls. ThumbGate checks the action before it runs, then feeds the result back into the next Guide and Solve cycle.
Install the local runtime, capture concrete feedback, and inspect the resulting lessons and checks.
Codex, Claude Code, ChatGPT, and other agent surfaces can collect preference signals, but you usually cannot see exactly what changed, which rule will fire, or why a future tool call is allowed. ThumbGate keeps the prevention layer outside the model: accepted typed feedback becomes a local lesson, recurring failures can become explicit rules, and gate results expose the matched check and decision reason available at evaluation time.
Native thumbs and vendor memories may improve future behavior, but they do not provide ThumbGate's explicit local allow, warn, or deny contract at the moment a configured agent touches files, terminals, APIs, or CI.
Lessons live in your ThumbGate store, can be searched, exported as JSONL or DPO pairs, and traced back to the exact correction that created the rule.
The final decision is not another model opinion. ThumbGate checks tool name, arguments, working directory, command shape, confidence, and required evidence before the action runs.
Sources to verify the market timing: Docker on AI coding agent security risks, TechRadar on enterprise agent security pressure, and current MCP adoption coverage.
Claude renders the live ThumbGate footer now. npx thumbgate init --agent codex installs the same Codex hook bundle and writes the ThumbGate statusLine target so you can test it on your local Codex build immediately.
ThumbGate ships a published Claude Desktop extension bundle (.mcpb) you can install today. Claude Code users can also add the repo marketplace plugin immediately. No waiting for directory approval.
Run npx thumbgate init --agent claude-code or add via claude mcp add thumbgate -- npx --yes --package thumbgate thumbgate serve
Download the .mcpb bundle for Claude Desktop, or use the repo marketplace: /plugin marketplace add IgorGanapolsky/ThumbGate
Type a concrete thumbs down when Claude makes a mistake. Accepted feedback can distill a lesson from up to 8 prior entries, and recurring failures can become rules evaluated by the configured PreToolUse hook. Detected secret exfiltration is denied by default; strict mode also denies matching warning-mode checks.
Claude Code Skill: Type /thumbgate in any Claude Code session. Auto-triggers on โcheckโ, โfeedbackโ, โblock mistakeโ. Free skill on top of the same local gateway.
The live GPT is a ChatGPT entrypoint for preflighting a proposed action and finding setup guidance. It does not create a local execution boundary by itself. Local allow, warn, or deny decisions require npx thumbgate init plus the documented integration for the agent that executes the tool call.
Paste a proposed command, file edit, merge, deploy, refund, invoice, or API call and ask whether to allow, block, or checkpoint it.
Reply in chat with thumbs up: or thumbs down: plus one concrete sentence. Do not rely on ChatGPT's native rating buttons for ThumbGate memory.
Run npx thumbgate init in the repo and configure the documented agent integration so Pre-Action Checks evaluate proposed tool calls before execution. The default policy denies detected secret exfiltration plus commands that kill the gate process or enable its bypass variable.
Find it fast: if the direct link does not open, go to Explore GPTs, search ThumbGate, and choose the GPT by Igor Ganapolsky in Programming. Plain English rule: ChatGPT is the discovery and checkpointing surface. Accepted typed feedback can become a local lesson; recurring failures can become rules. The Reliability Gateway still runs in the configured local agent or CI lane.
Install the published Claude Desktop plugin .mcpb bundle today. Claude Code users can add the repo marketplace immediately with /plugin marketplace add. No waiting for directory approval.
Type /thumbgate in any Claude Code session. Auto-triggers on "check", "feedback", "block mistake". Free skill on top of the same local gateway teams later harden into a shared workflow.
Claude Code, Codex, Gemini CLI, Amp, and OpenCode can use the same gateway and memory model after their documented integration is configured. Other MCP-compatible agents require an equivalent MCP or hook setup.
Hermes-style agents bring persistent memory, generated skills, messaging gateways, scheduled automations, and sandboxed execution. ThumbGate adds the safer self-evolution loop: propose rule and skill changes from failures, then gate them with evidence before anything overwrites stable instructions or repeats an expensive action.
vLLM makes self-hosted inference cheaper and faster with PagedAttention, continuous batching, chunked prefill, prefix caching, and optimized kernels. ThumbGate gates the routing change with latency, cache-isolation, benchmark, and rollback proof before agent traffic moves.
Long-running agents need cleaner working context, approved model routes, isolated execution, tool lockdown, direct pushback, and evidence before high-risk actions. ThumbGate turns those controls into local pre-action gates.
When database and IAM operations are exposed as agent tool calls, ThumbGate can evaluate configured patterns such as production DROP, unscoped DELETE, or IAM escalation before execution. The resulting action depends on the matched rule and enforcement mode.
Codex gets a standalone ThumbGate plugin bundle, a repo-local plugin profile, and the same auto-updating MCP launcher. The runtime resolves thumbgate@latest when Codex starts, so npm fixes reach active installs. The install page includes the zip, MCP config, and verification path in one place.
Run npx thumbgate init --agent cursor or configure .cursor/mcp.json through the documented setup path. The npm runtime path is separate from any in-app Marketplace listing.
VS Code can host an MCP-compatible agent such as Continue or Cline. Each editor or agent still requires its MCP stdio or hook configuration; this repo does not ship a standalone VS Code extension.
ThumbGate is listed on mcp.so so MCP-compatible clients can verify the package, copy the npx config, and confirm they are installing the real Pre-Action Checks server.
Open the ThumbGate GPT to preflight risky commands, deploys, refunds, PR actions, and setup steps. Local allow, warn, or deny enforcement for coding agents requires npx thumbgate init plus the documented integration setup.
Search lessons, inspect checks, mark a review checkpoint, and see only what changed since the last pass. No signup or install required.
Open Dashboard Demo โInspect the matched gate, allow/warn/deny decision, and reason returned by the local evaluator.
Generate local dashboard and report views from the operator's available gate and feedback data. A hosted org dashboard is not generally available.
Workflow Sentinel can recommend Docker Sandboxes for high-risk local actions. The package includes a signed sandbox-dispatch mechanism, but each deployment must configure and verify its isolation boundary.
Local enforcement data stays in the operator's ThumbGate feedback directory by default. Checkout, intake, newsletter, and product analytics are separate hosted processing surfaces. Hosted team lesson sync is not generally available.
Confidence tiers (none/low/medium/high) are available inputs to adaptive rule selection; they do not guarantee a correct decision.
When the current Claude auto-capture hook only gets a vague thumbs-down, ThumbGate can reuse up to 8 prior recorded entries plus the failed tool call, then keep a linked 60-second feedback session open for later corrections instead of creating a dead-end note.
Self-governance is an operator writing local rules and keeping local logs. ThumbGate starts there, then evaluates configured checks as an allow, warn, or deny decision before the tool call touches code, data, money, or customers.
The rule is evaluated at the execution boundary, not after the fact. Matching failures are evaluated before configured shell commands, PR actions, deploys, refunds, or production writes run. Detected secret exfiltration and gate kill/bypass commands deny by default; strict mode also denies matching warning-mode checks.
Gate records expose the fields available for that evaluation, including its decision, matched gate, reason, and provided context, so reviewers can inspect local evidence instead of trusting an agent summary.
Enterprise is intake-first and scoped around one workflow's approval boundaries, rollback plan, evidence requirements, and rollout support. Hosted team sync, org dashboards, SSO, SIEM, and compliance packaging are not general-availability runtime features.
Big orchestration suites unify data, routes, and decisions. ThumbGate sits closer to the moment of execution: the point where an agent is about to run a shell command, ship a PR, approve a release, or repeat a mistake you already corrected. That is where workflow trust is won or lost.
Good at customer journeys, routing, and cross-system context. Weak when you need a coding agent or automation to stop before a destructive or low-trust action actually runs.
Turns accepted operator feedback into local lessons and recurring failures into Pre-Action Checks. Supported agent integrations evaluate matching rules at the tool-call boundary. Detected secret exfiltration and gate kill/bypass commands deny by default; strict mode also denies matching warning-mode checks.
Use orchestration to decide what should happen next. Use ThumbGate to decide what is allowed to execute. That is the control layer enterprises actually need once agents touch repos, terminals, CI, or production workflows.
Autoresearch loops run experiments, inspect metrics, and accept better variants. ThumbGate gives those loops a Reliability Gateway: Pre-Action Checks for skipped holdout tests, fake proof, reward hacking, unsafe edits, and promotion without verification evidence.
Require primary and holdout checks before an agent can call a variant better. Flag cherry-picked runs and missing baselines, then configure strict enforcement where a deny is required.
Promotion needs commands, logs, changed files, and verification evidence so the win survives review instead of becoming a vague claim.
Start with templates for npm test, Playwright duration, bundle size, lint, and CI failures, then add shared workflow checks for team-owned releases.
Persistent agent skills create reusable instructions. ThumbGate adds a governed reliability layer: capture accepted feedback, export local lessons where the plan permits it, and inspect how a configured pre-action gate evaluated the next matching tool call before execution.
Accepted lessons can supply reusable rule and skill-pack context. Moving that context between supported agents requires an explicit operator-managed export/import or a shared local install scope.
Persistent skills tell an agent what you prefer. ThumbGate evaluates configured checks against the next proposed action and returns allow, warn, or deny before execution.
Local gate results expose the matched rule and available decision context so operators can review what fired instead of relying only on hidden chatbot memory.
Self-improving โ but for safety, not capability: human-in-the-loop accepted feedback becomes local lessons, recurring failures can become prevention rules, and regression tests help detect false-positive rule matches.
Give ๐ or a concrete ๐ on your AI agent's actions. Accepted feedback is stored in a local SQLite+FTS5 lesson DB. In the current Claude auto-capture hook, a vague thumbs-down can distill from up to 8 prior recorded entries and the failed tool call before promotion, then stay linked to a 60-second feedback session. Recurring accepted failures can auto-promote into a prevention rule.
Repeated failures auto-promote into prevention rules. Thompson Sampling adapts which rules fire, and the reflector lane can propose a reusable rule from the same transcript so high-risk patterns get stricter enforcement while low-risk ones stay relaxed.
Rules become Pre-Action Checks that evaluate proposed tool calls before execution. Detected secret exfiltration and gate kill/bypass commands deny by default; matching force-push, destructive-delete, fetch-and-run, or learned checks warn unless strict enforcement turns them into denies.
Gate results report the decision, matched gate, and available reason or evidence context.
Configured checks run at the tool-call boundary. Detected secret exfiltration and gate kill/bypass commands deny by default; set THUMBGATE_STRICT_ENFORCEMENT=1 to deny matching warning-mode checks.
Decision reasons and Thompson Sampling confidence tiers are available where the evaluator produces them.
Recurring accepted failures can auto-promote to checks. Pro includes a personal local dashboard; a hosted org dashboard is not generally available.
When Workflow Sentinel predicts a risky local action, ThumbGate can recommend Docker Sandboxes before the agent touches the host filesystem or broader credentials.
Changesets, SemVer, sync checks, and verification evidence make new package releases inspectable before a buyer trusts the next rollout.
npx thumbgate init --agent claude-code
Wires PreToolUse hooks automatically
npx thumbgate init --agent cursor
4 skills: feedback, rules, search, recall
npx thumbgate init --agent codex
6 skills including adversarial review
npx thumbgate init --agent gemini
Gemini CLI integration
npx thumbgate init --agent amp
Amp agent integration
npx thumbgate serve
MCP stdio server for any compatible client
Add to your claude_desktop_config.json:
{
"mcpServers": {
"thumbgate": {
"command": "npx",
"args": ["--yes", "--package", "thumbgate", "thumbgate", "serve"]
}
}
}
Official directory review is separate. Claude Code users can install immediately with /plugin marketplace add IgorGanapolsky/ThumbGate and /plugin install thumbgate@thumbgate-marketplace.
| Free $0 forever |
Pro $19/mo or $149/yr |
Enterprise Custom โ scoped after intake |
|
|---|---|---|---|
| Local PreToolUse enforcement (configured integrations) | โ | โ | Scoped after intake |
| Feedback captures | 2/day (10 total) | Unlimited | Scoped after intake |
| Active auto-promoted prevention rules | 3 | Unlimited | Scoped after intake |
| Lesson recall + search across sessions | โ | โ | Scoped after intake |
| Personal dashboard + DPO export | โ | โ | Scoped after intake |
| Hosted team lesson sync | โ | โ | Not GA |
| Hosted org dashboard | โ | โ | Not GA |
| Approval boundaries + rollout design | โ | โ | Scoped after intake |
| SSO, SIEM + compliance packaging | โ | โ | Not GA |
| Best for | One developer | Solo operators | Teams & regulated orgs |
2 captures/day, 3 active rules. Enough to see the value โ upgrade when you need more.
THUMBGATE_STRICT_ENFORCEMENT=1)Billed today ยท cancel anytime.
| Capability | Free | Pro | Enterprise |
|---|---|---|---|
| Best for | One developer evaluating local checks | One operator who wants personal recall, dashboard proof, managed adapters, and exports | Teams & regulated organizations scoping one governed workflow |
| Price | $0 | $19/mo or $149/yr | Custom โ scoped after intake |
| Feedback captures | 2/day, 10 total | Unlimited | Scoped after intake; hosted team sync is not GA |
| Active prevention rules | 3 active rules | Unlimited personal rules | Approval boundaries and rollout requirements scoped after intake |
| Dashboard and proof | Local CLI evidence | Personal dashboard, check debugger, DPO/HF exports | Hosted org dashboard, SIEM, and compliance packaging are not GA |
| How to start | npx thumbgate init |
Self-serve Stripe checkout | Send one repeated workflow failure first โ intake before checkout |
Free provides capped local evaluation. Pro removes individual limits and adds recall, search, a personal dashboard, and exports. Enterprise starts through intake to scope one workflow; it does not imply generally available hosted team features.
Pricing and deliverables are scoped after intake; no hosted-team capability is promised before verification.
Start with one repo, one workflow owner, and one repeated failure. The intake scopes the evidence needed to determine whether ThumbGate fits that action boundary before any wider rollout claim.
The highest-fit Enterprise buyer is already feeling one repeated failure in a workflow where mistakes have real consequences. Send the workflow first so the next step is scoped around the real blocker instead of a blind checkout.
THUMBGATE_STRICT_ENFORCEMENT=1) turns matching warning-mode checks into denies.npx thumbgate init --agent cursor, while the in-app Marketplace listing remains separate. VS Code can host an MCP-compatible agent, but this repo does not ship a standalone VS Code extension.npx thumbgate init plus the documented integration setup.npx thumbgate setup-vertex setup helper for operators who choose the optional Vertex adapter. Whether evaluations stay within a particular VPC depends on the operator's Google Cloud configuration and must be verified in that deployment. Dialogflow CX governance is an intake-scoped integration requirement, not a generally available hosted deployment claim.Join the mailing list for new check patterns, agent integration updates, and product news. If you later choose Pro, we keep checkout prefilled on this device.
Install the local CLI without a credit card or account, then configure the integration for your agent.