Cursor Rules TemplatesCursor Rules Template

Cursor Rules Template: Customer Support Reply Assistants with Citations (Node.js + Express + PostgreSQL)

Cursor rules template for building a citation-backed customer support reply assistant using Node.js, Express, and PostgreSQL.

Cursor rules template.cursorrules templateCursor AIcustomer supportcitation-backednode.jsExpressPostgreSQLbackendKB integration

Target User

Developers building Cursor AI powered customer support reply assistants with citation-backed answers.

Use Cases

  • Build a chat assistant that delivers cited responses from KB and external docs
  • Automate customer support replies with traceable sources
  • Implement citation-aware answer generation in a Node.js backend

Markdown Template

Cursor Rules Template: Customer Support Reply Assistants with Citations (Node.js + Express + PostgreSQL)

.cursorrules
Framework: Node.js (Express) + PostgreSQL
Context: Build a customer support reply assistant that returns answers with citations sourced from KB and external docs. The assistant should format replies with inline citations and a bibliography block.

Framework Role & Context:
- You are a Cursor AI agent in a Node.js/Express backend.
- You produce concise, factual answers with sources.

Code Style and Style Guides:
- Language: TypeScript
- Lint: ESLint with Airbnb config
- Formatter: Prettier
- Testing: Jest

Architecture & Directory Rules:
- Use layered architecture: api, services, db, infra
- DB access via pg with parameterized queries
- Separate data access, business logic, response shaping

Authentication & Security Rules:
- JWT authentication for API routes
- Validate input; avoid secrets leakage
- Rate limit and CSRF where applicable

Database and ORM patterns:
- PostgreSQL with node-postgres (pg)
- No ORM; use prepared statements
- Map results to TS interfaces

Testing & Linting Workflows:
- Unit tests with Jest; API tests with supertest
- Lint pre-commit; CI runs tests
- Include integration tests for citation path

Prohibited Actions and Anti-patterns for the AI:
- Do not fabricate citations
- Do not reveal secrets
- Do not bypass auth
- Do not build dynamic SQL by string concat

Overview

The Cursor rules configuration presented here enables building a customer support reply assistant with citation-backed answers on a Node.js/Express backend backed by PostgreSQL. It defines how Cursor AI should reason about KB lookups, source attribution, and response formatting to ensure traceable, trustworthy replies suitable for live support scenarios.

When to Use These Cursor Rules

  • When you need customer-facing answers that include verifiable sources.
  • When replies must cite KB articles, policy pages, and external docs.
  • When building a Node.js/Express service that serves chat endpoints with strict typing and security requirements.
  • When you want a repeatable, shareable .cursorrules configuration for your team.

Copyable .cursorrules Configuration

.cursorrules
Framework: Node.js (Express) + PostgreSQL
Context: Build a customer support reply assistant that returns answers with citations sourced from KB and external docs. The assistant should format replies with inline citations and a bibliography block.

Framework Role & Context:
- You are a Cursor AI agent in a Node.js/Express backend.
- You produce concise, factual answers with sources.

Code Style and Style Guides:
- Language: TypeScript
- Lint: ESLint with Airbnb config
- Formatter: Prettier
- Testing: Jest

Architecture & Directory Rules:
- Use layered architecture: api, services, db, infra
- DB access via pg with parameterized queries
- Separate data access, business logic, response shaping

Authentication & Security Rules:
- JWT authentication for API routes
- Validate input; avoid secrets leakage
- Rate limit and CSRF where applicable

Database and ORM patterns:
- PostgreSQL with node-postgres (pg)
- No ORM; use prepared statements
- Map results to TS interfaces

Testing & Linting Workflows:
- Unit tests with Jest; API tests with supertest
- Lint pre-commit; CI runs tests
- Include integration tests for citation path

Prohibited Actions and Anti-patterns for the AI:
- Do not fabricate citations
- Do not reveal secrets
- Do not bypass auth
- Do not build dynamic SQL by string concat

Recommended Project Structure

src/
  api/
    controllers/
    routes/
  services/
  db/
    pg/
  models/
  infra/
  config/
  tests/

Core Engineering Principles

  • Clear separation of API, business logic, and data access
  • Type-safe, explicit data contracts via TypeScript
  • Security by default: validate input, enforce auth, limit rate
  • Deterministic, testable code with CI validation
  • Observable operations with structured logs and metrics

Code Construction Rules

  • Use strict TypeScript settings; avoid any and implicit any
  • All DB access via parameterized queries; never concatenate user input
  • Use environment variables for secrets; do not hard-code credentials
  • Responses must include citations with per-answer sources
  • Keep business logic in services; API layer should only orchestrate calls

Security and Production Rules

  • Enable TLS in all endpoints; enforce HTTPS in production
  • Implement JWT-based authentication and per-user rate limiting
  • Validate KB data ingestion; sanitize all external inputs
  • Audit logs for access to sensitive KB sources
  • Use feature flags for risky changes and blue/green deployments

Testing Checklist

  • Unit tests for parsing and formatting citations
  • API integration tests covering citation path and error handling
  • End-to-end tests simulating real KB queries and responses
  • Static and dynamic code analysis in CI

Common Mistakes to Avoid

  • Relying on unverified external sources for citations
  • Returning unformatted text without explicit citations
  • Over-concatenating SQL strings; ignore prepared statements
  • Ignoring security best practices in auth or data handling

Related implementation resources: AI Agent Use Case for Saas SMEs Using Churn Signals to Identify Customers Likely to Cancel and Implementing Parameterized Testing Matrices for Wide Input Coverage in Production AI.

FAQ

What is this Cursor Rules Template for customer support?

This Cursor rules template demonstrates how to configure Cursor AI to generate citation-backed customer support replies in a Node.js/Express/PostgreSQL stack. It defines the role, data flow, and code structure to ensure traceable sources and consistent formatting across replies.

How are citations generated and displayed?

The rules configure a citation resolver that attaches sources from the internal KB or approved external docs. Each answer includes inline citations and a bibliography section. The system avoids fabricating sources and preserves source authenticity for all customer-facing responses.

What stack is this template designed for?

This template targets a Node.js + Express backend with PostgreSQL. It uses the node-postgres client for DB access, TypeScript for type safety, and a privacy-conscious data flow that isolates knowledge sources from the response surface.

How do I integrate a knowledge base with the reply assistant?

Integrate by creating a data access service that queries PostgreSQL for KB articles and a citation resolver to attach sources. Normalize data into a citations table and use parameterized queries to fetch sources for each response, ensuring answers remain traceable through a citation map.

What are the production and security considerations?

Ensure TLS, implement JWT-based auth, rate limiting, and input validation. Maintain audit logs for KB access, apply CI/CD with tests, and use environment-based configuration. Do not expose secrets in responses and keep citations validated against trusted sources.