Cursor Rules TemplatesCursor Rules Template

Cursor Rules Template: Proposal Generation for B2B with Cursor AI

Cursor Rules Template to guide Cursor AI in building a proposal generation tool for B2B service companies using a Node.js + Express + PostgreSQL stack.

.cursorrules templatecursor-rulesproposal generationb2bnodejsexpresspostgresqlcursor-aisecuritytesting

Target User

Developers integrating Cursor AI to generate client-specific business proposals in a Node.js/Express + PostgreSQL stack

Use Cases

  • Generate client proposals based on client inputs
  • Produce tailored RFP responses
  • Draft scope, pricing, and terms sections
  • Automate follow-up proposal iterations for new clients

Markdown Template

Cursor Rules Template: Proposal Generation for B2B with Cursor AI

Framework Role & Context
- You are a backend engineer using Cursor AI to generate professional B2B proposals in a Node.js + Express + PostgreSQL environment.
- You operate with a focus on security, data privacy, and compliance.

Code Style and Style Guides
- ESLint + Prettier with a strict Node.js style guide; prefer semicolons, consistent indentation (2 spaces).
- Use TypeScript for richer typing where possible; if not, annotate with JSDoc.

Architecture & Directory Rules
- Monorepo layout under src/, with controllers, routes, models, services, and utilities.
- Keep business logic in services; keep routing thin.

Authentication & Security Rules
- JWT-based auth with short-lived access tokens; refresh tokens stored securely.
- Never log raw passwords or secrets; use environment-based config.

Database and ORM patterns
- PostgreSQL via node-postgres (pg); use parameterized queries everywhere.
- Migrations managed via a migrations tool; do not rely on runtime schema changes.

Testing & Linting Workflows
- Jest for unit tests; SuperTest for integration tests; run tests on PRs.
- Lint and format on commit via pre-commit hooks; enforce test coverage checks.

Prohibited Actions and Anti-patterns for the AI
- Do not execute system shell commands or arbitrary code on client systems.
- Do not bypass validation or perform unsafe string interpolation in SQL.
- Do not generate proposals without client context; avoid hallucination of client data.

Overview

This Cursor rules template defines a complete .cursorrules configuration for building a B2B proposal generation tool using Cursor AI within a Node.js + Express + PostgreSQL stack. It explains how to structure prompts, enforce security, and integrate with a REST backend so that AI-generated proposals align with client context and company policy. The page includes a copyable .cursorrules configuration you can paste into your project root to kick off development using the Cursor AI editor.

When to Use These Cursor Rules

  • You are building a proposal automation feature for a B2B service platform.
  • You need consistent sections (scope, timeline, pricing, terms) across multiple clients.
  • You want deterministic, auditable AI outputs suitable for client-facing documents.

Copyable .cursorrules Configuration

Framework Role & Context
- You are a backend engineer using Cursor AI to generate professional B2B proposals in a Node.js + Express + PostgreSQL environment.
- You operate with a focus on security, data privacy, and compliance.

Code Style and Style Guides
- ESLint + Prettier with a strict Node.js style guide; prefer semicolons, consistent indentation (2 spaces).
- Use TypeScript for richer typing where possible; if not, annotate with JSDoc.

Architecture & Directory Rules
- Monorepo layout under src/, with controllers, routes, models, services, and utilities.
- Keep business logic in services; keep routing thin.

Authentication & Security Rules
- JWT-based auth with short-lived access tokens; refresh tokens stored securely.
- Never log raw passwords or secrets; use environment-based config.

Database and ORM patterns
- PostgreSQL via node-postgres (pg); use parameterized queries everywhere.
- Migrations managed via a migrations tool; do not rely on runtime schema changes.

Testing & Linting Workflows
- Jest for unit tests; SuperTest for integration tests; run tests on PRs.
- Lint and format on commit via pre-commit hooks; enforce test coverage checks.

Prohibited Actions and Anti-patterns for the AI
- Do not execute system shell commands or arbitrary code on client systems.
- Do not bypass validation or perform unsafe string interpolation in SQL.
- Do not generate proposals without client context; avoid hallucination of client data.

Recommended Project Structure

project-root/
  src/
    controllers/
    models/
    routes/
    services/
    middleware/
    utils/
  config/
  migrations/
  tests/
  .eslintrc.js
  .prettierrc
  package.json

Core Engineering Principles

  • Explicit data contracts between Cursor AI and backend services.
  • Treat AI-generated content as guidance, not source truth; enforce validation and review.
  • Security by default: least privilege, proper secret management, and audit trails.
  • Deterministic outputs for repeated runs with the same input.
  • Test-driven: unit tests, integration tests, and end-to-end checks for proposals.

Code Construction Rules

  • Structure code into controllers, routes, and services; avoid mixing concerns.
  • Validate client inputs; escape or parameterize all SQL and template injections.
  • Maintain deterministic prompts and context windows for Cursor AI calls.
  • Document function signatures with TypeScript types or JSDoc.
  • Separate proposal templates into client-specific modules; support overrides per client.

Security and Production Rules

  • Use HTTPS in all environments; rotate API keys and secrets regularly.
  • Do not log session tokens or PII; scrub logs when necessary.
  • Deploy with minimal blast radius; feature toggles for AI content generation.

Testing Checklist

  • Unit tests for all services with mocks for DB calls.
  • Integration tests covering proposal generation flows.
  • End-to-end tests simulating client inputs and outputs.
  • Security tests for input validation and auth flows.
  • CI runs include linting, tests, and type checks.

Common Mistakes to Avoid

  • Assuming AI generates correct business terms without validation.
  • Hard-coding client data; always parameterize and sanitize inputs.
  • Overloading prompts; keep prompts concise and deterministic.
  • Skipping tests for proposal generation logic; include unit and integration tests.

Related implementation resources: AI Agent Use Case for Coaching Businesses Using Session Notes to Generate Follow-Up Action Plans and Implementing Parameterized Testing Matrices for Wide Input Coverage in Production AI.

FAQ

What stack is this Cursor Rules Template built for?

This Cursor Rules Template targets a Node.js + Express backend with PostgreSQL using Cursor AI for generating B2B proposals. It emphasizes secure authentication, deterministic prompts, and testable code paths. It guides developers to paste a copyable .cursorrules block at project root.

How do I use the .cursorrules block?

Place the copied .cursorrules block at your project root alongside package.json. Cursor AI will respect the architecture rules, code style, and security constraints defined in the template when generating proposals for clients.

How can I customize proposals per client?

Define client-specific modules under src/services/proposals and create per-client templates in src/proposals/templates. The rules support overrides to tailor sections like scope, pricing, and terms for each client while reusing core components.

What tests should I run?

Run unit tests for services, integration tests for the proposal flow, and end-to-end tests simulating client inputs. Enable CI to run ESLint, Prettier, and test suites on PRs to catch regressions early.

How do I ensure security in production?

Implement JWT-based authentication, rotate secrets via a vault, apply least privilege on DB access, and avoid logging PII. Use TLS, run dependency checks, and monitor for anomalous activity in proposal generation endpoints.