MCP.so
登录

ThumbGate (npm: mcp-memory-gateway)

@IgorGanapolsky

关于 ThumbGate (npm: mcp-memory-gateway)

Agent governance for ThumbGate: 👍/👎 become Pre-Action Checks that flag repeat mistakes and hard-block the risky ones before code or systems change.

基本信息

分类

记忆与知识

许可证

MIT

运行时

node

发布者

IgorGanapolsky

配置

使用下面的配置,将此服务器添加到你的 MCP 客户端。

{
  "mcpServers": {
    "thumbgate": {
      "command": "npx",
      "args": [
        "thumbgate",
        "init",
        "#",
        "auto-detects",
        "your",
        "agent,",
        "wires",
        "hooks,",
        "30",
        "seconds"
      ]
    }
  }
}

工具

未检测到工具

工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。

概览

What is ThumbGate?

ThumbGate is a local-first firewall for AI coding agents that runs in the PreToolUse hook. It hard-blocks catastrophic tool calls by default (secret exfiltration, destructive deletes, supply-chain attacks) and warns‑and‑logs all other risk classes, with optional strict enforcement. It works across Claude Code, Cursor, Codex, Gemini CLI, Amp, Cline, and OpenCode, and requires no server on the enforcement path.

How to use ThumbGate?

Run npx thumbgate init to auto-detect your agent and wire the hooks (about 30 seconds). To create a prevention rule, use npx thumbgate capture down "Never run DROP on production tables". Discoverable slash-commands (/thumbgate-guard, /thumbgate-rules, etc.) are installed into the agent’s palette for browsing and invoking enforcement actions.

Key features of ThumbGate

  • PreToolUse hook catches dangerous calls before the model spends tokens.
  • Hard-blocks catastrophic classes (secret exfiltration, rm -rf, supply‑chain) by default.
  • Warns and logs other risk classes; hard‑blocks everything under THUMBGATE_STRICT_ENFORCEMENT=1.
  • Thumbs‑down feedback becomes reusable, auto‑promoted prevention rules.
  • Context Brain (BRAIN.md) gives each agent session persistent institutional memory.
  • Slash commands (/thumbgate-guard, /thumbgate-rules, etc.) for discoverable guardrails.

Use cases of ThumbGate

  • Preventing an AI agent from force‑pushing to main after one thumbs‑down.
  • Hard‑blocking destructive deletes (rm -rf) and secret leaks without waiting for a review.
  • Stopping repeated tool‑call mistakes across sessions to avoid unnecessary token spend.
  • Enforcing branch/release governance with scoped, expiring approvals.
  • Auditing every interception with a dashboard that tracks tokens saved and enforcement events.

FAQ from ThumbGate

How does ThumbGate differ from agent dashboards or observability tools?

ThumbGate is a pre‑action enforcement layer, not a post‑hoc dashboard. It blocks or warns before the tool call executes, preventing damage and token waste, while dashboards only report what already happened.

What are the runtime requirements?

ThumbGate runs locally via npx and works with any MCP‑compatible agent. No server is required on the enforcement path. It operates in the PreToolUse hook on the developer’s machine.

Where does my data live?

All data — feedback, prevention rules, lessons — lives locally in the repository (e.g., .thumbgate/). There is no default cloud sync; enterprise plans offer an optional shared hosted lesson DB.

Are there usage limits?

The free tier allows up to 2 feedback captures per day (10 total) and up to 3 active auto‑promoted prevention rules. Pro ($19/mo or $149/yr) removes these limits and adds the dashboard, DPO export, and history‑aware lessons.

Does ThumbGate support multi‑agent teams?

Yes. It works across Claude Code, Cursor, Codex, Gemini CLI, Amp, Cline, and OpenCode. Enterprise plans add org‑wide shared lesson databases and enforcement rules.

评论

记忆与知识 分类下的更多 MCP 服务器