April 1, 2026
Dual-Signal Feedback: Why "What Failed" Isn't Enough
Standard thumbs-down tells you something went wrong. But was
it a bad decision (wrong tool) or bad execution (right tool, wrong
parameters)?
Inspired by
Gen-Searcher's dual reward system, ThumbGate now supports an optional failureType field
on capture_feedback:
- "decision" — the agent chose the wrong action entirely
- "execution" — right action, bad parameters or output
Thompson Sampling creates separate sub-arms (e.g.,
git:decision and git:execution) so
reliability scores diverge per dimension. An agent might be great at
choosing git commands but bad at parameterizing them — now you can see
that distinction.
Backward compatible. Existing feedback without
failureType works unchanged.
Try it now
April 1, 2026
The Claude Code Leak Proves Why Pre-Action Gates Matter
Anthropic accidentally shipped 512,000 lines of Claude Code source
inside an npm package. A missing .npmignore exposed the
full agent architecture: tool-call loops, permission models, retry
logic, 44 unreleased feature flags.
Within 24 hours, a clean rewrite called Claw-code hit 100K GitHub
stars — the fastest-growing repo in GitHub history.
What the leak revealed about agent security
Claude Code has a sophisticated permission model and tool-calling
pipeline. What it does not have is feedback-driven
enforcement — the ability to learn from past mistakes and physically
block the agent from repeating them.
That's exactly what ThumbGate does. Every Claude Code user — and every
Claw-code user — can add pre-action gates today:
- Thumbs-down a mistake — it auto-generates a prevention rule
- Gates enforce — PreToolUse hooks block the action before execution
- Reasoning chains explain — every block tells you WHY
- Thompson Sampling adapts — confidence tiers prevent false blocks
Install in 30 seconds
npx thumbgate init works with Claude Code,
Claw-code, Cursor, Codex, Gemini, Amp, and any MCP-compatible agent.
The leak proves agents are powerful but fallible software. Memory
without enforcement is a suggestion.
ThumbGate is a guarantee.
Install ThumbGate
March 31, 2026
v0.8.5: Gate Reasoning Chains, Org Dashboard, and the Checkout Funnel
That Didn't Exist
ThumbGate v0.8.5 is our biggest release yet. Here's what shipped and
why.
The problem we didn't see
~1,700 developers install ThumbGate via npm every month.
Zero of them ever saw a checkout button. They find
the GitHub README, run npx thumbgate init, use
it for free, and never visit the landing page. The checkout flow
nobody reaches is irrelevant. We were optimizing a storefront in a
building with no door.
Gate reasoning chains
Every gate block and warning now explains WHY it
fired. When ThumbGate blocks a git push --force, the
response includes:
- Which pattern matched and what it matched against
- Gate identity: ID, action, layer, severity
- Source: manual policy rule vs auto-promoted from feedback
- How to bypass: satisfy_gate("pr_threads_checked")
- Historical fire count: "blocked 23x, warned 15x"
This was inspired by the neuro-symbolic explainability trend in
production AI systems. Gates are the symbolic rules; Thompson Sampling
provides the statistical confidence. The reasoning chain bridges both.
Multi-agent org dashboard
"I'm not going to have 10,000 agents running in the environment that I
don't know what they're doing." — CIO.com, March 2026
The new org_dashboard MCP tool aggregates gate decisions
across all registered agent sessions. CIOs and team leads see: total
active agents, org-wide adherence rate, top blocked gates, and risk
agents (those with the lowest adherence). Free tier shows 3 agents;
Pro shows the full org.
Multi-hop agentic retrieval
Inspired by Chroma's Context-1,
constructMultiHopPack iteratively retrieves context,
prunes weak chunks, refines the query with expansion terms, and checks
coverage — stopping when the coverage threshold (60%) is met or max
hops are reached. Each hop is logged.
Thompson Sampling calibration
MIN_SAMPLES_THRESHOLD (5) prevents low-sample
overconfidence. getCalibration() reports per-category
confidence tiers: none (0 samples), low (1-4), medium (5-19), high
(20+). Callers know when to trust the statistical arm vs fall back to
rules.
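The failureType sub-arms and the calibration tiers described in these posts, sketched as an added example (not ThumbGate's own code). `MIN_SAMPLES_THRESHOLD`, `failureType` and the tier boundaries come from the posts; `SubArms`, `record`, `assess`, the Beta(up+1, down+1) posterior and the rule that a thumbs-up credits both sub-arms are assumptions.

```javascript
// Added illustration, not ThumbGate source code. MIN_SAMPLES_THRESHOLD, failureType
// and the tier boundaries come from the post; every other name is hypothetical.
const MIN_SAMPLES_THRESHOLD = 5;

function tier(samples) {
  if (samples === 0) return "none";                   // 0 samples
  if (samples < MIN_SAMPLES_THRESHOLD) return "low";  // 1-4
  return samples < 20 ? "medium" : "high";            // 5-19, 20+
}

// Seeded PRNG (mulberry32) so runs are reproducible.
function makeRng(seed) {
  return () => {
    seed = (seed + 0x6d2b79f5) | 0;
    let t = Math.imul(seed ^ (seed >>> 15), 1 | seed);
    t = (t + Math.imul(t ^ (t >>> 7), 61 | t)) ^ t;
    return ((t ^ (t >>> 14)) >>> 0) / 4294967296;
  };
}

// Beta(a, b) draw for integer a, b >= 1: the a-th smallest of a+b-1 uniforms.
function sampleBeta(a, b, rng) {
  const u = Array.from({ length: a + b - 1 }, () => rng()).sort((x, y) => x - y);
  return u[a - 1];
}

class SubArms {
  constructor() { this.arms = new Map(); }
  bump(key, field) {
    const arm = this.arms.get(key) || { up: 0, down: 0 };
    arm[field] += 1;
    this.arms.set(key, arm);
  }
  // Assumption: a thumbs-up credits both sub-arms; a thumbs-down debits only the
  // sub-arm named by failureType, or the plain category arm when it is absent.
  record(category, ok, failureType) {
    if (ok) ["decision", "execution"].forEach((d) => this.bump(`${category}:${d}`, "up"));
    else this.bump(failureType ? `${category}:${failureType}` : category, "down");
  }
  // Below the threshold the caller is told to fall back to rules instead of sampling.
  assess(key, rng) {
    const { up, down } = this.arms.get(key) || { up: 0, down: 0 };
    const samples = up + down;
    if (samples < MIN_SAMPLES_THRESHOLD) return { key, tier: tier(samples), source: "rules", score: null };
    return { key, tier: tier(samples), source: "sampling", score: sampleBeta(up + 1, down + 1, rng) };
  }
}
```

An arm with fewer than five samples returns `source: "rules"` and no score, so a single thumbs-down cannot produce a confident statistical block on its own.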
The funnel fix
Four touchpoints now put the checkout URL where 100% of npm users
actually are:
- Post-install banner — prints after npm install (stderr, CI-safe)
- Free-tier rate limits — power features capped, upgrade URL in error
- MCP enforceLimit — agents surface the checkout URL when limits hit
- CLI upgrade nudge — after init, capture, stats
13 funnel-invariant CI tests prevent this blind spot from ever
regressing.
Install v0.8.5 on npm