Cursor Rules Template for AI-Powered Internal Reporting Tool
Cursor Rules Template for building an AI-powered internal reporting tool that connects to databases, generates charts, tables, and summaries using Python FastAPI, PostgreSQL, and Cursor AI.
Target User
Developers building AI-powered internal reporting tools
Use Cases
- Connect to PostgreSQL to fetch data for reports
- Generate dynamic charts and tables
- Produce natural language summaries of data
- Automate scheduled report generation
- Support ad-hoc data exploration via natural language prompts
Overview
Cursor rules configuration for an AI-powered internal reporting tool that connects to databases and generates charts, tables, and summaries. This template targets a Python FastAPI + PostgreSQL stack with Cursor AI integration to enable secure data access, automated visualization, and natural language summaries.
Direct answer: This Cursor Rules Template defines a safe, scalable set of prompts and constraints so Cursor AI can query PostgreSQL via async SQLAlchemy, render visualizations with Plotly, and produce accurate summaries while honoring auth, data governance, and reproducibility requirements.
When to Use These Cursor Rules
- When building an AI-assisted internal reporting tool that must query live data from PostgreSQL and render charts and tables.
- When you need a repeatable, auditable prompt set that enforces security, data access controls, and data transformation rules.
- When dashboards require both visualizations and natural language summaries generated by Cursor AI.
- When you want a copyable .cursorrules block to drop into project roots for consistency across teams.
Copyable .cursorrules Configuration
Framework Role & Context
You are a Python FastAPI-based, AI-enabled reporting assistant that queries PostgreSQL via async SQLAlchemy and renders charts with Plotly. Your objective is to produce correct data retrieval prompts, transform results into charts and tables, and generate concise summaries for internal stakeholders.
Code Style and Style Guides
- Follow PEP8 conventions
- Format with Black
- Sort imports with isort
- Use type hints and mypy where applicable
Architecture & Directory Rules
Project layout:
app/
  main.py
  api/
    endpoints/
      reports.py
  core/
    config.py
  db/
    models.py
  repositories/
    report_repository.py
  services/
    chart_service.py
    summary_service.py
  reports/
    chart_renderer.py
  visuals/
    charts/
tests/
  unit/
  integration/
migrations/
config/
Authentication & Security Rules
- Implement OAuth2 with JWT tokens
- Never log secrets or credentials
- Enforce HTTPS in production
- Store secrets in environment variables or secure vaults
- Validate inputs, outputs, and user permissions
Database and ORM patterns
- Async SQLAlchemy sessions
- Declarative models for Report, Chart, Summary
- Use parameterized queries; avoid raw dumps
- Centralized data access layers with repository pattern
Testing & Linting Workflows
- PyTest with fixtures
- Static type checks with mypy
- Linting with Black and isort
- CI/CD hooks for tests and linting
Prohibited Actions & Anti-patterns
- Do not execute shell commands via AI prompts
- Do not embed secrets or credentials in prompts or code
- Do not bypass authentication or access controls
- Do not generate non-parameterized SQL
- Do not render charts from data that has not passed schema and type checks
Recommended Project Structure
project-root/
├── app/
│   ├── main.py
│   ├── api/
│   │   ├── endpoints/
│   │   │   └── reports.py
│   │   └── dependencies.py
│   ├── core/
│   │   └── config.py
│   ├── db/
│   │   └── models.py
│   ├── repositories/
│   │   └── report_repository.py
│   ├── services/
│   │   ├── chart_service.py
│   │   └── summary_service.py
│   ├── reports/
│   │   ├── chart_renderer.py
│   │   └── report_generator.py
│   └── visuals/
│       └── charts/
├── tests/
│   ├── unit/
│   └── integration/
├── migrations/
└── README.md
Core Engineering Principles
- Secure by default: enforce authentication, least privilege, and secret management.
- Predictable data contracts: explicit schemas for inputs/outputs and data validation.
- Observability: structured logging, metrics, and tracing for AI-driven prompts and data access.
- Reproducibility: deterministic prompts and versioned Cursor rules blocks.
- Testability: unit, integration, and end-to-end checks for data access and rendering paths.
Code Construction Rules
- All data access must go through ORM models with parameterized queries.
- Use async routes and sessions for database operations.
- Prompts must be partitioned by domain: data access, transformation, visualization, and summarization.
- Prompts should be deterministic where possible; avoid randomization in core data retrieval.
- Renderer and charting requests must validate schema and data types before plotting.
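One way to apply the parameterized-query and validation rules above when the query shape comes from a model: the model emits a structured report spec, identifiers are checked against an allowlist, and filter values are bound as parameters. This is an added example, not code from the template; `CATALOG`, `SpecError`, `build_query`, `run_report` and `demo_db` are hypothetical names, and the standard-library `sqlite3` stands in for PostgreSQL with async SQLAlchemy (the `:name` placeholders are the same style SQLAlchemy's `text()` binds).

```python
import sqlite3

# Hypothetical catalog: the only tables, columns and aggregates a report may use.
CATALOG = {
    "orders": {
        "dimensions": {"region", "status"},
        "metrics": {"revenue": "SUM(amount)", "order_count": "COUNT(*)"},
        "filters": {"region", "status"},
    }
}

class SpecError(ValueError):
    """A model-produced report spec failed validation."""

def build_query(spec: dict) -> tuple[str, dict]:
    """Validate the spec, then return SQL text plus its bound parameters."""
    name, dim, metric = (spec.get(k) for k in ("table", "group_by", "metric"))
    where = spec.get("where", {})
    if not all(isinstance(v, str) for v in (name, dim, metric)) or not isinstance(where, dict):
        raise SpecError("malformed spec")
    table = CATALOG.get(name)
    if table is None:
        raise SpecError("table not allowlisted")
    if dim not in table["dimensions"] or metric not in table["metrics"]:
        raise SpecError("column or metric not allowlisted")
    clauses, params = [], {}
    for i, (col, value) in enumerate(where.items()):
        if col not in table["filters"]:
            raise SpecError("filter column not allowlisted")
        if isinstance(value, bool) or not isinstance(value, (str, int, float)):
            raise SpecError("filter value must be a scalar")
        clauses.append(f"{col} = :p{i}")  # identifier from catalog, value bound
        params[f"p{i}"] = value
    cond = f" WHERE {' AND '.join(clauses)}" if clauses else ""
    sql = (f"SELECT {dim}, {table['metrics'][metric]} AS {metric} "
           f"FROM {name}{cond} GROUP BY {dim} ORDER BY {dim}")
    return sql, params

def run_report(conn: sqlite3.Connection, spec: dict) -> list[tuple]:
    sql, params = build_query(spec)
    return conn.execute(sql, params).fetchall()

def demo_db() -> sqlite3.Connection:
    """Constructed sample data; SQLite stands in for PostgreSQL."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE orders (region TEXT, status TEXT, amount REAL)")
    conn.executemany("INSERT INTO orders VALUES (?, ?, ?)", [
        ("EU", "paid", 100.0), ("EU", "paid", 50.0),
        ("US", "paid", 70.0), ("US", "refunded", 30.0)])
    return conn
```

Identifiers cannot be bound as parameters, which is why table, column and aggregate names come only from the catalog while every user-supplied value goes through a placeholder.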
Security and Production Rules
- Enforce role-based access control on all endpoints and report generation features.
- Store secrets in a vault; never commit credentials to code or repos.
- Use TLS, rotate JWT signing keys, and implement token revocation checks.
- Audit AI prompts for sensitive data exposure; redact PII where required.
- Apply data governance rules: data masking, row-level security, and access logs.
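The prompt-audit and data-masking rules above can be combined into a single step that runs before any rows or user text reach the summarization model or a log line. This is an added example, not part of the template; `COLUMN_POLICY`, the role names, the patterns and the function names are assumptions chosen for illustration.

```python
import re

# Hypothetical policy: a column is masked unless the caller's role is listed.
COLUMN_POLICY = {"email": {"hr_admin"}, "salary": {"hr_admin", "finance"}}

# Values that must not reach a prompt or a log line. Order matters: the DSN
# rule runs before the e-mail rule so "password@host" is not read as an address.
PATTERNS = [
    ("JWT", re.compile(r"\beyJ[\w-]+\.[\w-]+\.[\w-]+"), "[REDACTED:JWT]"),
    ("DSN_PASSWORD", re.compile(r"(://[^:/\s@]+:)[^@\s]+(@)"),
     r"\1[REDACTED:DSN_PASSWORD]\2"),
    ("EMAIL", re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"), "[REDACTED:EMAIL]"),
]

def redact_text(text: str) -> tuple[str, list[str]]:
    """Scrub text and return it with the labels of what was removed (for audit)."""
    hits: list[str] = []
    for label, pattern, replacement in PATTERNS:
        text, count = pattern.subn(replacement, text)
        hits += [label] * count
    return text, hits

def mask_rows(rows: list[dict], role: str) -> list[dict]:
    """Column-level masking applied before rows are summarized or charted."""
    return [
        {k: ("***" if k in COLUMN_POLICY and role not in COLUMN_POLICY[k] else v)
         for k, v in row.items()}
        for row in rows
    ]

def build_summary_prompt(question: str, rows: list[dict], role: str) -> tuple[str, list[str]]:
    """Mask by role first, then pattern-scrub the assembled prompt as a second layer."""
    prompt = f"Question: {question}\nRows: {mask_rows(rows, role)}"
    return redact_text(prompt)
```

The returned label list records what was redacted without recording the values themselves, so it can be written to the access log.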
Testing Checklist
- Unit tests for data access, transformation, and rendering logic.
- Integration tests against a local Postgres instance with representative schemas.
- End-to-end tests that exercise prompts from input to chart output and summary.
- Static typing checks and linting as part of CI.
- Security tests for auth flows and input validation.
Common Mistakes to Avoid
- Skipping parameterized queries and trusting raw user input.
- Embedding secrets or credentials in prompts or code blocks.
- Assuming Cursor AI can bypass authentication or data governance rules.
- Overcomplicating prompts or coupling prompts to unsupported libraries.
- Neglecting testing for data rendering accuracy and data drift in reports.
FAQ
What is a Cursor Rules Template for an AI-powered internal reporting tool?
A Cursor Rules Template provides a structured set of prompts, constraints, and architectural guidance that ensures Cursor AI can securely query databases, generate charts and tables, and produce accurate summaries within a Python FastAPI + PostgreSQL stack.
Which stack is this template tailored for?
This template targets Python FastAPI with PostgreSQL using async SQLAlchemy, JWT-based authentication, and Plotly for charts, enabling AI-assisted data visualization and summaries for internal reporting.
How do I integrate Cursor AI in production with this template?
Follow the Architecture & Directory Rules and Security Rules outlined here. Use environment-based config, secret management, and validated prompts; enforce access controls and audit prompts for governance.
What should I include in the copyable .cursorrules block?
Include Framework Role & Context, Code Style & Style Guides, Architecture & Directory Rules, Authentication & Security Rules, Database & ORM patterns, Testing & Linting Workflows, and Prohibited Actions to guide Cursor AI.
How do I validate this template locally?
Install dependencies, run PyTest-based unit and integration tests, validate prompts locally against a local Postgres instance, and verify chart rendering and summary accuracy before deployment.