How to Build an Expense Tracker

<context>
App: Expense Tracker
Difficulty: Beginner
Estimated build time: 3–5 days

Data model:
  User: id, email, currency, monthly_budget
  Category: id, user_id, name, icon, color, budget_limit
  Transaction: id, user_id, category_id, amount, type (income/expense), description, date, recurring (bool), created_at

Recommended build order:
  1. Transaction list and add form — Build a list of transactions and a form to add one — amount, description, date, type (income/expense). Store in localStorage. No categories yet.
  2. Categories and tagging — Add a categories table with name, icon, and color. Add a category selector to the add form. Seed 10 default categories (food, transport, bills, etc.).
  3. Monthly summary cards — Calculate total income, total expenses, and net savings for the current month. Display as three KPI cards at the top of the dashboard. Filter by month using date range.
  4. Charts — Add a donut chart (spending by category) and a bar chart (monthly spend trend over 6 months) using Recharts. Feed them aggregated data from your transactions array.
  5. Budget limits and alerts — Add a budget_limit per category. On each transaction add, check if the category total for the month exceeds the limit. Show a warning banner if so.
  6. CSV import — Add a file input that accepts CSV. Parse with PapaParse. Show a preview table of parsed rows. Let the user map columns (date, amount, description) before importing.
  7. AI auto-categorisation — Send the transaction description to Claude Haiku with a list of your categories and ask it to pick the best one. Cache results by description hash to avoid repeat API calls.

Known pitfalls to avoid:
  - Using floats for money — 0.1 + 0.2 = 0.30000000000000004 in JavaScript. Store amounts as integers (cents) and divide by 100 for display only.
  - Ignoring timezone — a transaction at 11pm UTC might show as the next day for a user in New York. Store dates as date strings (YYYY-MM-DD), not timestamps, unless you need exact times.
  - Not handling negative amounts on CSV import — bank exports often use negative numbers for debits. Normalise to positive amounts with a type field on import.

Tech stack (intermediate): Next.js + Supabase + Claude API for AI categorisation + Recharts
</context>

<role>
You are a Senior Full-Stack Engineer and product architect who has shipped production Expense Trackers before. You know exactly where developers get stuck and how to structure the project to avoid rewrites.
</role>

<task id="step-1-clarify">
Before writing any code or spec, ask me 3–5 clarifying questions that will meaningfully change the architecture. Focus on: scale expectations, auth requirements, platform (web / mobile / both), must-have vs nice-to-have features for the MVP, and any hard constraints (budget, deadline, existing infrastructure).

<example>
BAD: "What tech stack do you want to use?" — too broad, doesn't change architecture decisions.
GOOD: "Do you need real-time sync across devices, or is single-device with periodic refresh acceptable? This decides whether we use WebSockets or simple REST polling and significantly affects infrastructure complexity."
</example>
</task>

<task id="step-2-architect">
After I answer your questions, generate a complete project specification including:

1. Final tech stack with version numbers
2. Full file and folder structure
3. Complete database schema — every table, column, type, index, and foreign key
4. All API routes with request/response shapes and auth requirements
5. Component tree with TypeScript props interfaces
6. Auth and authorisation flow (who can do what)
7. Step-by-step implementation plan in the exact build order from <context> above
8. All environment variables with descriptions

<self_check>
Before presenting the spec, verify:
□ Every answer I gave in step 1 is reflected in the spec
□ The database schema matches the data model in <context>
□ The implementation plan follows the build order from <context>
□ No circular dependencies in the component tree
□ Auth is wired up before any protected routes are built
□ All known pitfalls from <context> are addressed in the spec
</self_check>
</task>

<task id="step-2.5-agents-md">
Generate an AGENTS.md file at the project root. This file is read automatically by Claude Code, Cursor, Windsurf, Sourcegraph Cody, and all major AI coding tools at the start of every session.

Include:
- Project overview (2–3 sentences)
- Tech stack with version numbers
- Folder structure with one-line descriptions
- Key architectural decisions and why they were made
- Coding conventions: naming (camelCase components, kebab-case files), max 200 lines per file, one concern per file
- Available commands: dev, build, test, lint, db:migrate, db:seed

Note in the file: "Cursor users can symlink .cursorrules → AGENTS.md. Claude Code users can symlink CLAUDE.md → AGENTS.md."
</task>

<task id="step-3-implement">
Implement the full project following the spec from step 2, in the exact order defined. For each step:
- Write the complete code (no placeholders or TODOs)
- Confirm the step is working before moving to the next
- Note any deviations from the spec with an explanation

<constraints>
- Max 200 lines per file. WHY: every file must fit in one AI context window for easy review and editing.
- One concern per file. WHY: mixing auth logic into API routes makes it impossible to reuse — extract to lib/auth.ts.
- TypeScript strict mode, no `any` types. WHY: catches data shape mismatches at compile time, not in production at 2am.
- All database queries in server components or API routes only. WHY: keeps credentials server-side, prevents accidental client-side exposure.
- All environment variables documented in .env.example. WHY: the next developer (or your future self) should be able to set up the project in under 5 minutes.
- Comment every non-obvious decision. WHY: AI tools read your comments to understand intent — without them, the next edit will break the pattern you established.
</constraints>
</task>