Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

igorganapolsky/thumbgate-blocked

Name: thumbgate-blocked
Author: igorganapolsky

skills/thumbgate-blocked/SKILL.md

npx skillsauth add igorganapolsky/rlhf-feedback-loop thumbgate-blocked

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

ThumbGate Blocked

Show the enforcement record: how many risky actions were blocked vs warned, which gates fire most, and the full feedback → check → rejection pipeline. Each block is a repeat mistake stopped before it spent tokens or did damage.

This skill wraps existing ThumbGate capability and adds no new logic — it reads the live enforcement counters.

Workflow

Headline numbers with the gate_stats MCP tool: blocked count, warned count, and the top gates by hits. (CLI fallback: npx thumbgate gate-stats.)
Full picture with the enforcement_matrix MCP tool: feedback-pipeline stats, active pre-action checks, and the rejection ledger with revival conditions.
Summarize for the user: total blocks, most-triggered gates, and anything in the rejection ledger close to revival.
If counts are all zero, say enforcement is wired but hasn't fired yet and point to the thumbgate-guard skill to promote a rule.

Field-by-field meanings (blocked vs warned, the rejection ledger, revival conditions) are in references/enforcement-fields.md.

Example

Input: "is ThumbGate actually blocking anything? how many tokens did we save?"

Action: call gate_stats for the counters and enforcement_matrix for the pipeline, then:

14 blocks, 3 warns in the last 30 days. Top gate: no-force-push-main (6 hits). Estimated ~9k tokens saved from re-runs avoided. 1 archived gate is one strike from revival.

Troubleshooting

All zeros but rules exist: enforcement is wired but no gated action has been attempted yet — this is normal early on.
All zeros and rules also empty: nothing has been promoted — use the thumbgate-guard skill.
gate_stats / enforcement_matrix unreachable: fall back to npx thumbgate gate-stats, then run the thumbgate-doctor skill to confirm the MCP server and hooks are live.

Quality checklist (self-verify before delivering)

[ ] I pulled real counters via gate_stats (or the npx thumbgate gate-stats fallback), not estimates.
[ ] I included the full pipeline via enforcement_matrix, not just the headline block count.
[ ] I framed each block as a prevented repeat mistake (tokens/damage avoided), with real numbers.
[ ] On all-zero, I explained why (wired-but-unfired vs nothing-promoted) instead of implying failure.
[ ] I added no new logic — only read existing enforcement counters.

igorganapolsky/thumbgate-blocked

skills/thumbgate-blocked/SKILL.md

Show ThumbGate's enforcement record — how many risky actions were actually blocked versus warned, which gates fire most, the tokens/damage saved, and the full feedback to check to rejection pipeline. Reads live enforcement counters via the gate_stats and enforcement_matrix MCP tools (CLI fallback `npx thumbgate gate-stats`). Use when the user says "what has ThumbGate blocked", "show gate stats", "is enforcement working", "how many tokens did we save", "show the enforcement matrix", or "what got stopped". Do NOT use to list rule DEFINITIONS that exist (use the thumbgate-rules skill), to create a new rule (use the thumbgate-guard skill), or to check whether ThumbGate is installed and wired (use the thumbgate-doctor skill).

23 stars

tools

Updated Jun 12, 2026

$ install --global

skillsauth

npx skillsauth add igorganapolsky/rlhf-feedback-loop thumbgate-blocked

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Jun 12, 2026, 2:41 AM20.9s2 files scanned

SKILL.md

name:: thumbgate-blocked
description:: Show ThumbGate's enforcement record — how many risky actions were actually blocked versus warned, which gates fire most, the tokens/damage saved, and the full feedback to check to rejection pipeline. Reads live enforcement counters via the gate_stats and enforcement_matrix MCP tools (CLI fallback `npx thumbgate gate-stats`). Use when the user says "what has ThumbGate blocked", "show gate stats", "is enforcement working", "how many tokens did we save", "show the enforcement matrix", or "what got stopped". Do NOT use to list rule DEFINITIONS that exist (use the thumbgate-rules skill), to create a new rule (use the thumbgate-guard skill), or to check whether ThumbGate is installed and wired (use the thumbgate-doctor skill).

ThumbGate Blocked

This skill wraps existing ThumbGate capability and adds no new logic — it reads the live enforcement counters.

Workflow

Headline numbers with the gate_stats MCP tool: blocked count, warned count, and the top gates by hits. (CLI fallback: npx thumbgate gate-stats.)
Full picture with the enforcement_matrix MCP tool: feedback-pipeline stats, active pre-action checks, and the rejection ledger with revival conditions.
Summarize for the user: total blocks, most-triggered gates, and anything in the rejection ledger close to revival.
If counts are all zero, say enforcement is wired but hasn't fired yet and point to the thumbgate-guard skill to promote a rule.

Field-by-field meanings (blocked vs warned, the rejection ledger, revival conditions) are in references/enforcement-fields.md.

Example

Input: "is ThumbGate actually blocking anything? how many tokens did we save?"

Action: call gate_stats for the counters and enforcement_matrix for the pipeline, then:

14 blocks, 3 warns in the last 30 days. Top gate: no-force-push-main (6 hits). Estimated ~9k tokens saved from re-runs avoided. 1 archived gate is one strike from revival.

Troubleshooting

All zeros but rules exist: enforcement is wired but no gated action has been attempted yet — this is normal early on.
All zeros and rules also empty: nothing has been promoted — use the thumbgate-guard skill.
gate_stats / enforcement_matrix unreachable: fall back to npx thumbgate gate-stats, then run the thumbgate-doctor skill to confirm the MCP server and hooks are live.

Quality checklist (self-verify before delivering)

[ ] I pulled real counters via gate_stats (or the npx thumbgate gate-stats fallback), not estimates.
[ ] I included the full pipeline via enforcement_matrix, not just the headline block count.
[ ] I framed each block as a prevented repeat mistake (tokens/damage avoided), with real numbers.
[ ] On all-zero, I explained why (wired-but-unfired vs nothing-promoted) instead of implying failure.
[ ] I added no new logic — only read existing enforcement counters.

Related Skills

igorganapolsky/thumbgate-rules

tools

VerifiedTrustedCommunity

List the active ThumbGate prevention rules, reliability rules, and the promoted lessons behind them, so the user can see which guardrails are currently protecting this project and WHY each one exists. Reads the live rule and lesson stores via the prevention_rules, get_reliability_rules, and search_lessons MCP tools (CLI fallback `npx thumbgate rules`). Use when the user says "what is ThumbGate protecting me from", "show my rules", "show my gates", "what has the agent learned", "list active guardrails", or "what's blocked here". Do NOT use to CREATE a new rule (use the thumbgate-guard skill), to see runtime enforcement counts of what actually fired (use the thumbgate-blocked skill), or to diagnose whether ThumbGate is wired up at all (use the thumbgate-doctor skill).

23SKILL.mdUpdated Jun 12, 2026

igorganapolsky/thumbgate-rules

igorganapolsky/thumbgate-protect

tools

VerifiedTrustedCommunity

Inspect this repo's branch and release governance (protected branches, release rules, protected-file globs) and, only when the user explicitly approves, grant a scoped, time-limited exception so a protected-file edit or publish can proceed under audit. Reads posture via the get_branch_governance MCP tool and records a narrow, expiring approval via the approve_protected_action MCP tool. Use when the user says "is main protected", "show branch governance", "what am I blocked from editing", "approve this protected change", or "let me edit a protected file just this once". Do NOT use to disable protection wholesale, to grant broad or standing exceptions, or to diagnose hook wiring (use the thumbgate-doctor skill) — this skill is for narrow, temporary, audited approvals only.

23SKILL.mdUpdated Jun 12, 2026

igorganapolsky/thumbgate-protect

igorganapolsky/thumbgate-guard

tools

VerifiedTrustedCommunity

Turn the agent's most recent mistake into an enforced ThumbGate prevention rule (a PreToolUse block gate) so the same bad tool call is intercepted before it runs again, in this and every future session across Claude Code, Cursor, Codex, Gemini, Amp, and Cline. Captures the failure with the capture_feedback MCP tool, then force-promotes it via `npx thumbgate force-gate` so it is enforced, not just logged. Use when the user says "guard against this", "block this from happening again", "never do that again", "make that a rule", "stop the agent from repeating that", or right after a bad action or thumbs-down that should become a hard rule. Do NOT use to merely log a thumbs-up/down without enforcement (use the thumbgate-feedback skill), to recall prior context before starting work (use the Agent Memory skill), or to list rules that already exist (use the thumbgate-rules skill).

23SKILL.mdUpdated Jun 12, 2026

igorganapolsky/thumbgate-guard

igorganapolsky/thumbgate-doctor

tools

VerifiedTrustedCommunity

Health-check whether ThumbGate is actually wired into this agent — PreToolUse/SessionStart hooks installed, MCP server reachable, lesson store present, statusline, and overall agent-readiness — then report exactly what to fix. Runs the existing `npx thumbgate doctor` audit and the check_operational_integrity MCP tool. Use when the user says "is ThumbGate wired up", "thumbgate doctor", "check my guardrails are installed", "why aren't my gates firing", "is the MCP server connected", or "agent readiness". Do NOT use to view rules (use the thumbgate-rules skill), to view what was blocked (use the thumbgate-blocked skill), or to capture a new rule (use the thumbgate-guard skill) — this skill only diagnoses setup and wiring.

23SKILL.mdUpdated Jun 12, 2026

igorganapolsky/thumbgate-doctor

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/igorganapolsky/rlhf-feedback-loop.git

# Copy into Claude Code skills folder (global)
cp -r rlhf-feedback-loop/skills/thumbgate-blocked ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

igorganapolsky/rlhf-feedback-loop

23 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT