igorganapolsky/skills/verify-pricing-surfaces
skills/verify-pricing-surfaces/SKILL.md
# Skill: Verify Pricing Surfaces Repeatable skill for verifying all revenue-generating pages are live, have analytics, and have working Stripe links. Covers both ThumbGate and ApplyOps. ## When to use - Session startup (quick health check) - After any deploy to ThumbGate or ApplyOps - CEO asks "why aren't we making money?" or "is everything working?" - Before any pricing/checkout changes ## Steps ### 1. ThumbGate pricing surfaces ```bash # Homepage — all 3 analytics curl -sL https://thumbg
$ install --global
skillsauthnpx skillsauth add igorganapolsky/mcp-memory-gateway skills/verify-pricing-surfacesInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Jun 8, 2026, 2:35 AM165.5s1 file scanned
SKILL.md
Skill: Verify Pricing Surfaces
Repeatable skill for verifying all revenue-generating pages are live, have analytics, and have working Stripe links. Covers both ThumbGate and ApplyOps.
When to use
- Session startup (quick health check)
- After any deploy to ThumbGate or ApplyOps
- CEO asks "why aren't we making money?" or "is everything working?"
- Before any pricing/checkout changes
Steps
1. ThumbGate pricing surfaces
# Homepage — all 3 analytics
curl -sL https://thumbgate.ai/ | grep -oE 'plausible|posthog|gtag' | sort -u
# Expected: gtag, plausible, posthog
# Pricing page — all 3 analytics + correct prices
curl -sL https://thumbgate.ai/pricing | grep -oE '\$[0-9]+' | sort -u
# Expected: $0, $19, $149 (Free / Pro monthly / Pro annual; Enterprise is "Custom")
# Checkout interstitial — plausible + first-party telemetry ONLY (by design)
curl -sL https://thumbgate.ai/checkout/pro | grep -oE 'plausible|posthog|gtag' | sort -u
# Expected: plausible
# NOTE: the /checkout/pro confirmation interstitial is a deliberately-minimal, sampled,
# bot-protected page (renderCheckoutIntentPage in src/api/server.js). It is instrumented
# with plausible custom events + first-party server telemetry (checkout_interstitial_view /
# _cta_clicked), NOT gtag/posthog page-view scripts. Do NOT "fix" it by adding gtag/posthog —
# that adds latency to the fast checkout path. gtag+posthog belong on /pricing and homepage only.
# Checkout actually redirects to live Stripe (this is the real health signal):
curl -s -o /dev/null -w '%{http_code} %{redirect_url}\n' "https://thumbgate.ai/checkout/pro?confirm=1&[email protected]"
# Expected: 302 https://checkout.stripe.com/c/pay/cs_live_...
# Health check
curl -sf https://thumbgate.ai/health | python3 -c "import sys,json; d=json.load(sys.stdin); print(f'v{d[\"version\"]} up={d[\"uptime\"]:.0f}s ok={d[\"status\"]}')"
2. ApplyOps pricing surfaces
# Landing page — all 3 analytics
curl -sL https://igorganapolsky.github.io/applyops/ | grep -oE 'plausible|posthog|gtag' | sort -u
# Expected: gtag, plausible, posthog
# Correct prices shown
curl -sL https://igorganapolsky.github.io/applyops/ | grep -oE '\$[0-9,]+' | sort -u
# Expected: $1,500 $149 $49
# Subpages live
curl -sf -o /dev/null -w '%{http_code}' https://igorganapolsky.github.io/applyops/intake.html
curl -sf -o /dev/null -w '%{http_code}' https://igorganapolsky.github.io/applyops/sample-truth-snapshot.html
# Expected: 200, 200
3. Stripe payment links
# ThumbGate Pro checkout redirects to Stripe
curl -sL https://thumbgate.ai/checkout/pro?confirm=1&[email protected] -o /dev/null -w '%{http_code} %{redirect_url}'
# Expected: 303 to checkout.stripe.com
# ApplyOps Stripe links resolve
for link in 3cIaEX1M80aO9G1fSH3sI2N 3cI3cvgH26zccSd7mb3sI2O 9B600j4YkcXAcSdayn3sI2P; do
code=$(curl -sL -o /dev/null -w '%{http_code}' "https://buy.stripe.com/$link")
echo "$link → $code"
done
# Expected: all 200
4. Plausible live data
source /Users/igorganapolsky/workspace/git/igor/ThumbGate/repo/.env
# ThumbGate visitors
curl -s -H "Authorization: Bearer $PLAUSIBLE_API_KEY" \
'https://plausible.io/api/v1/stats/aggregate?site_id=thumbgate-production.up.railway.app&period=7d&metrics=visitors,pageviews'
# ApplyOps / GitHub Pages visitors
curl -s -H "Authorization: Bearer $PLAUSIBLE_API_KEY" \
'https://plausible.io/api/v1/stats/aggregate?site_id=igorganapolsky.github.io&period=7d&metrics=visitors,pageviews'
# ThumbGate checkout funnel events (30d)
for event in "pricing_cta_click" "Checkout Pro Viewed" "Checkout Pro Email Submitted" "Checkout Pro Stripe Redirect Started" "Checkout Pro Purchase Completed"; do
count=$(curl -s -H "Authorization: Bearer $PLAUSIBLE_API_KEY" \
"https://plausible.io/api/v1/stats/aggregate?site_id=thumbgate-production.up.railway.app&period=custom&date=2026-04-26,2026-05-26&metrics=events&filters=event:name==$event" \
| python3 -c "import sys,json; print(json.load(sys.stdin)['results']['events']['value'])" 2>/dev/null || echo "0")
echo "$event → $count"
done
# ApplyOps CTA clicks
curl -s -H "Authorization: Bearer $PLAUSIBLE_API_KEY" \
'https://plausible.io/api/v1/stats/aggregate?site_id=igorganapolsky.github.io&period=30d&metrics=events&filters=event:name==applyops_cta_click'
5. Quick pass/fail summary
Print a table:
| Surface | Live? | Analytics? | Stripe? | Visitors (7d) | |---------|-------|-----------|---------|---------------| | thumbgate.ai | ✅/❌ | 3/3 or N/3 | ✅/❌ | N | | thumbgate.ai/pricing | ✅/❌ | 3/3 | — | — | | thumbgate.ai/checkout/pro | ✅/❌ | 3/3 | ✅/❌ | — | | igorganapolsky.github.io/applyops | ✅/❌ | 3/3 | ✅/❌ | N |
Pricing truth (last verified 2026-05-26)
ThumbGate (COMMERCIAL_TRUTH.md is canonical)
- Free: $0 (CLI)
- Pro: $19/mo or $149/yr
- Team: $49/seat/mo (intake-led)
ApplyOps
- Truth Snapshot: $49
- Resume OS Pro: $149
- Done-For-You Sprint: $1,500
If something is broken
- ThumbGate pages missing analytics → check
hostedConfig.posthogApiKeyandhostedConfig.gaMeasurementIdin Railway env vars. Useskills/configure-analytics/SKILL.md. - ApplyOps pages 404 → deploy from Resume repo to
.github.iorepo. Useskills/applyops-deploy/SKILL.md. - Stripe links broken → check Stripe dashboard in Chrome for archived/deleted payment links.
- Plausible returns zeros → check
PLAUSIBLE_API_KEYand site registration at plausible.io.
Related Skills
igorganapolsky/thumbgate-rules
tools
VerifiedTrustedCommunity
List the active ThumbGate prevention rules, reliability rules, and the promoted lessons behind them, so the user can see which guardrails are currently protecting this project and WHY each one exists. Reads the live rule and lesson stores via the prevention_rules, get_reliability_rules, and search_lessons MCP tools (CLI fallback `npx thumbgate rules`). Use when the user says "what is ThumbGate protecting me from", "show my rules", "show my gates", "what has the agent learned", "list active guardrails", or "what's blocked here". Do NOT use to CREATE a new rule (use the thumbgate-guard skill), to see runtime enforcement counts of what actually fired (use the thumbgate-blocked skill), or to diagnose whether ThumbGate is wired up at all (use the thumbgate-doctor skill).
23SKILL.mdUpdated Jun 12, 2026
igorganapolsky/thumbgate-protect
tools
VerifiedTrustedCommunity
Inspect this repo's branch and release governance (protected branches, release rules, protected-file globs) and, only when the user explicitly approves, grant a scoped, time-limited exception so a protected-file edit or publish can proceed under audit. Reads posture via the get_branch_governance MCP tool and records a narrow, expiring approval via the approve_protected_action MCP tool. Use when the user says "is main protected", "show branch governance", "what am I blocked from editing", "approve this protected change", or "let me edit a protected file just this once". Do NOT use to disable protection wholesale, to grant broad or standing exceptions, or to diagnose hook wiring (use the thumbgate-doctor skill) — this skill is for narrow, temporary, audited approvals only.
23SKILL.mdUpdated Jun 12, 2026
igorganapolsky/thumbgate-guard
tools
VerifiedTrustedCommunity
Turn the agent's most recent mistake into an enforced ThumbGate prevention rule (a PreToolUse block gate) so the same bad tool call is intercepted before it runs again, in this and every future session across Claude Code, Cursor, Codex, Gemini, Amp, and Cline. Captures the failure with the capture_feedback MCP tool, then force-promotes it via `npx thumbgate force-gate` so it is enforced, not just logged. Use when the user says "guard against this", "block this from happening again", "never do that again", "make that a rule", "stop the agent from repeating that", or right after a bad action or thumbs-down that should become a hard rule. Do NOT use to merely log a thumbs-up/down without enforcement (use the thumbgate-feedback skill), to recall prior context before starting work (use the Agent Memory skill), or to list rules that already exist (use the thumbgate-rules skill).
23SKILL.mdUpdated Jun 12, 2026
igorganapolsky/thumbgate-doctor
tools
VerifiedTrustedCommunity
Health-check whether ThumbGate is actually wired into this agent — PreToolUse/SessionStart hooks installed, MCP server reachable, lesson store present, statusline, and overall agent-readiness — then report exactly what to fix. Runs the existing `npx thumbgate doctor` audit and the check_operational_integrity MCP tool. Use when the user says "is ThumbGate wired up", "thumbgate doctor", "check my guardrails are installed", "why aren't my gates firing", "is the MCP server connected", or "agent readiness". Do NOT use to view rules (use the thumbgate-rules skill), to view what was blocked (use the thumbgate-blocked skill), or to capture a new rule (use the thumbgate-guard skill) — this skill only diagnoses setup and wiring.
23SKILL.mdUpdated Jun 12, 2026