The PRD→Plan→Todo Methodology

The PRD→Plan→Todo methodology is a systematic approach to AI-assisted development that transforms high-level requirements into working code through three distinct phases. This workflow has become the gold standard for teams using Claude Code and Cursor IDE.

The Three Pillars

PRD (Product Requirements Document): What needs to be built
Plan: How to build it (technical approach)
Todo: Specific implementation tasks

Why This Methodology Works

Traditional development often jumps directly from requirements to code, leading to:

Misaligned implementations
Forgotten edge cases
Technical debt from poor planning
Difficult code reviews

The PRD→Plan→Todo approach ensures:

✅ Clear alignment between business needs and technical implementation
✅ Comprehensive coverage of all requirements
✅ Systematic approach that AI can follow consistently
✅ Built-in documentation for future maintenance

Phase 1: PRD (Product Requirements Document)

The PRD defines what needs to be built from a business perspective.

Creating Effective PRDs

# Feature: User Authentication System

## Overview
Brief description of the feature and its business value

## User Stories
As a [user type], I want to [action] so that [benefit]

## Functional Requirements
1. Users can register with email/password
2. Email verification required
3. Password reset functionality
4. Remember me option

## Non-Functional Requirements
- Response time < 200ms
- Support 10k concurrent users
- GDPR compliant
- Accessibility WCAG 2.1 AA

## Acceptance Criteria
- [ ] User can successfully register
- [ ] Invalid emails are rejected
- [ ] Passwords meet security requirements
- [ ] Session persists with "remember me"

## Out of Scope
- Social login (Phase 2)
- Two-factor authentication (Phase 2)

"Generate a PRD for [feature description] that includes:
- Overview and business value
- User stories for all user types
- Functional requirements (numbered list)
- Non-functional requirements (performance, security, compliance)
- Acceptance criteria (testable conditions)
- Explicitly state what's out of scope
- Include any UI/UX requirements
- Note integration points with existing systems"

Real-World PRD Example

E-commerce Checkout Feature

# PRD: Express Checkout Feature

## Overview
Implement one-click checkout for returning customers to reduce cart abandonment by 25%

## User Stories
1. As a returning customer, I want to complete purchase with one click
2. As a new customer, I want the option to save my details for future
3. As an admin, I want to track express checkout usage

## Functional Requirements
1. Store encrypted payment methods (PCI compliant)
2. Pre-fill shipping address from last order
3. Show order summary before confirmation
4. Send email receipt immediately
5. Update inventory in real-time

## Performance Requirements
- Checkout completion < 3 seconds
- Support 1000 concurrent checkouts
- 99.9% uptime during business hours

Phase 2: Technical Plan

The Plan translates business requirements into technical architecture and approach.

Creating Comprehensive Plans

Analyze the PRD

"Based on this PRD, create a technical plan that includes:
- High-level architecture overview
- Technology choices with justification
- Data model design
- API endpoints needed
- Security considerations
- Integration points
- Deployment strategy"

Define Components

"Break down the architecture into:
- Frontend components/pages needed
- Backend services/modules
- Database schema changes
- External service integrations
- Infrastructure requirements"

Identify Risks

"What are the technical risks and how do we mitigate them?
Consider: performance bottlenecks, security vulnerabilities,
scalability issues, third-party dependencies"

# Technical Plan: User Authentication

## Architecture Overview
- JWT-based stateless authentication
- PostgreSQL for user data
- Redis for session management
- Email service for notifications

## API Design
POST /api/auth/register
POST /api/auth/login
POST /api/auth/logout
POST /api/auth/refresh
POST /api/auth/reset-password

## Database Schema
users:
- id (uuid, primary key)
- email (unique, indexed)
- password_hash
- email_verified (boolean)
- created_at, updated_at

sessions:
- token (primary key)
- user_id (foreign key)
- expires_at
- ip_address

## Security Measures
- Bcrypt for password hashing (12 rounds)
- Rate limiting on auth endpoints
- CORS properly configured
- Input validation on all fields

# Frontend Technical Plan

## Component Architecture
- AuthProvider (context for auth state)
- LoginForm component
- RegisterForm component
- PasswordResetFlow
- AuthGuard HOC for protected routes

## State Management
- useAuth hook for auth operations
- Local storage for token persistence
- Session storage for temporary data

## UI/UX Flow
1. Modal-based auth forms
2. Real-time validation
3. Loading states during API calls
4. Success/error notifications
5. Redirect after login

## Performance
- Lazy load auth components
- Prefetch auth check on app load
- Optimistic UI updates

Phase 3: Todo List (Implementation Tasks)

The Todo list breaks the plan into specific, actionable tasks that can be implemented.

Generating Effective Todos

Task Breakdown Strategy

"Convert this technical plan into a detailed todo list:
- Each task should be completable in 1-4 hours
- Include task dependencies
- Group by component/feature area
- Add acceptance criteria for each task
- Prioritize tasks (P0/P1/P2)
- Include testing tasks
- Don't forget documentation"

Todo List Example

Structured Format
AI-Friendly Format

# Implementation Todos: User Authentication

## Database Setup (P0)
- [ ] Create database migrations for users table
- [ ] Create database migrations for sessions table
- [ ] Add indexes for email and token lookups
- [ ] Seed database with test users

## Backend API (P0)
- [ ] Implement password hashing utility
- [ ] Create POST /api/auth/register endpoint
  - Input validation
  - Email uniqueness check
  - Send verification email
- [ ] Create POST /api/auth/login endpoint
  - Validate credentials
  - Generate JWT token
  - Create session record
- [ ] Add rate limiting middleware
- [ ] Write API integration tests

## Frontend Components (P1)
- [ ] Create AuthContext and Provider
- [ ] Implement useAuth hook
- [ ] Build LoginForm component
  - Form validation
  - Error handling
  - Loading states
- [ ] Build RegisterForm component
- [ ] Add AuthGuard HOC
- [ ] Write component tests

## Integration (P1)
- [ ] Connect frontend to backend API
- [ ] Implement token refresh logic
- [ ] Add error interceptors
- [ ] Test full auth flow

## Documentation (P2)
- [ ] Document API endpoints
- [ ] Create auth flow diagram
- [ ] Write deployment guide

## Todo: Implement User Registration

**Task**: Create user registration endpoint
**Acceptance Criteria**:
- Validates email format
- Checks email uniqueness
- Hashes password with bcrypt
- Sends verification email
- Returns appropriate errors

**Dependencies**: Database migrations complete
**Priority**: P0
**Estimated Time**: 2 hours

**Implementation Notes**:
- Use Joi for validation
- Return 409 for duplicate email
- Log registration attempts

Executing with AI Assistance

Using Claude Code

Start with PRD

# In your project directory
claude

"Here's my PRD for a user authentication system: [paste PRD]
Generate a technical plan for implementing this."

Review and refine plan

"The plan looks good, but let's use Passport.js instead of
custom JWT implementation. Update the plan accordingly."

Generate todos

"Based on this plan, create a detailed todo list grouped by:
- Database setup
- Backend implementation
- Frontend components
- Testing
- Documentation"

Implement systematically

"Let's start with database setup.
Implement the first todo: Create user table migration"

Using Cursor IDE

Agent Mode
Composer Mode

// Use Cursor's Agent mode for complex multi-file tasks

"I have this PRD for user authentication [paste PRD].
Create a technical plan, then implement the database
schema and basic API endpoints. Follow our coding
standards in .cursorrules."

// Agent will:
// 1. Analyze PRD
// 2. Create plan
// 3. Generate migrations
// 4. Implement endpoints
// 5. Add basic tests

// Use Composer for focused tasks

"Based on this todo item:
'Create POST /api/auth/register endpoint with validation'

Implement the endpoint following these requirements:
- Email and password validation
- Check for existing user
- Hash password with bcrypt
- Send verification email
- Return user object without password"

Advanced Patterns

The Feedback Loop

graph LR A[PRD] --> B[Plan] B --> C[Todo] C --> D[Implementation] D --> E[Testing] E --> F[Feedback] F --> A

After implementation, update your documents:

PRD: Add discovered requirements
Plan: Document architectural decisions
Todo: Mark completed, add new tasks

Team Collaboration

Shared Documents

Store PRDs in /docs/requirements/
Keep plans in /docs/architecture/
Track todos in /docs/tasks/ or project management tool

AI Context Sharing

Reference documents with @docs/requirements/auth-prd.md
Include team decisions in prompts
Use consistent terminology across team

Integration with Existing Workflows

PRD: Created during sprint planning
Plan: Technical refinement meeting
Todo: Becomes sprint backlog items
Each todo can map to a story point

Common Pitfalls and Solutions

Pitfall Prevention Checklist

PRD too vague: Include specific examples and edge cases
Plan missing risks: Always include “Risks and Mitigations” section
Todos too large: Break down any task over 4 hours
No acceptance criteria: Each todo needs clear completion definition
Ignoring dependencies: Mark task dependencies explicitly
Missing tests: Include test tasks for each component

Measuring Success

Track these metrics to improve your process:

Completion Rate: % of todos completed as originally written
Rework Rate: How often implemented features need changes
Time Accuracy: Actual vs estimated time for todos
Requirement Coverage: % of PRD requirements successfully implemented
Documentation Quality: Post-implementation documentation completeness

Real-World Case Studies

E-commerce Platform Migration

Challenge: Migrate legacy PHP monolith to microservices

Approach:

Created PRD for each service boundary
Developed migration plan with rollback strategies
Generated detailed todos with feature flags

Result:

6-month project completed in 4 months
90% less bugs than previous migration attempts
Full documentation generated alongside code

Key Success Factor: The PRD→Plan→Todo methodology ensured nothing was forgotten during the complex migration.

Tools and Templates

PRD Template Generator

"Generate a PRD template for a [type] feature that includes:
- All standard sections
- Industry-specific requirements
- Compliance considerations
- Performance benchmarks
- Integration touchpoints"

Plan Analyzer

"Review this technical plan and identify:
- Missing architectural components
- Potential scalability issues
- Security vulnerabilities
- Cost optimization opportunities
- Technical debt risks"

Todo Prioritizer

"Take this todo list and:
- Identify the critical path
- Suggest parallel work streams
- Estimate completion time
- Highlight blockers
- Recommend task order"

Next Steps

Download Templates

Get our PRD, Plan, and Todo templates with examples for common features

Watch Tutorial

See the methodology in action with a real feature implementation

Join Community

Share your experiences and learn from other teams using this approach