Cursor + Claude: stop shipping broken env vars

I stopped guessing env vars. I validate them at boot. I generate .env.example automatically from Zod. I fail fast in Next.js + Supabase setups. I use Cursor + Claude for refactors, not magic. Context I build small SaaS projects. Usually solo. Usually fast. And env vars kept wasting my time. Not the “what is an env var” part. The dumb part. SUPABASE_URL missing. Or set to the anon key. Or NEXT_PUBLIC_ leaked into server-only code. Or a preview deploy where Vercel injected nothing and the app still booted… until the first real request. I spent 4 hours on this once. Most of it was wrong. So I made env vars boring. I want one place to define them. One place to validate them. And a script that spits out .env.example so I don’t forget anything. 1) I write the env contract first. Then code. I keep one file: src/env.ts . Zod schema. Two groups. Client-safe vars: must start with NEXT_PUBLIC_ . Server-only vars: never exposed. This avoids the classic Next.js footgun: accidentally importing serve