jageenshukla/claude-skills-mcp-expense-automation

Building Production-Ready AI Agents with Claude Skills and MCP

Automated expense management agent with policy enforcement and PII redaction

This repository demonstrates how to build intelligent automation using Claude Code CLI, Skills, and Model Context Protocol (MCP). Perfect for developers who want production-ready AI agents without building from scratch.

📖 Read the full tutorial on Medium

🎯 What You'll Learn

Build a complete expense management AI agent that:

• ✅ Enforces company policies (Meals: $75, Travel: $500, Office Supplies: $200)
• ✅ Automatically redacts PII (credit cards, SSNs, phone numbers)
• ✅ Validates before submission (rejects over-limit expenses)
• ✅ Provides clear feedback (explains policy violations)
• ✅ Runs entirely locally (your data never leaves your machine)

🏗️ Architecture

This project demonstrates the 3-layer architecture for production AI agents:

Why this architecture?

• Modularity: Skills are reusable across projects
• Security: PII redaction happens before any external calls
• Maintainability: Policy changes happen in one place
• Reliability: Deterministic scripts for critical operations

🚀 Quick Start

Prerequisites

• Node.js 16+ (for MCP server)
• Python 3.8+ (for PII redaction scripts)
• Claude Code CLI (Installation guide)

Installation

# 1. Clone this repository
git clone https://github.com/jageenshukla/claude-skills-mcp-expense-automation.git
cd claude-skills-mcp-expense-automation

# 2. Install skill globally
cp -r .claude/skills/expense-policy ~/.claude/skills/

# 3. Build MCP server
cd mcp-server
npm install
npm run build
cd ..

# 4. Configure MCP server (choose one)

# Option A: Global configuration (recommended)
# Add to ~/.claude.json:
{
  "mcpServers": {
    "expense-policy": {
      "type": "stdio",
      "command": "node",
      "args": ["mcp-server/dist/index.js"],
      "cwd": "/absolute/path/to/claude-skills-mcp-expense-automation"
    }
  }
}

# Option B: Project configuration
# Already configured in .claude/.mcp.json
# Just update the "cwd" path to your location

# 5. Start Claude Code and test!
claude

Test Examples

Try these in Claude Code:

Valid Expense:

I had a business lunch for $60 on 2024-01-15. Used my card ending in 4532.

Over Limit:

I need to expense a $600 flight

Multiple PII:

Office supplies $150. Card 4532-1234-5678-9012, call 555-1234

📁 Project Structure

.
├── .claude/
│   ├── .mcp.json                   # Project MCP config (stdio mode)
│   └── skills/expense-policy/      # Skill definition
│       ├── SKILL.md                # Instructions for Claude
│       └── scripts/redact.py       # PII redaction script
├── mcp-server/                     # MCP server
│   ├── src/
│   │   ├── index.ts               # MCP server (stdio + HTTP)
│   │   └── tools/submitExpense.ts  # Tool implementation
│   ├── dist/                       # Built JS (after npm run build)
│   └── package.json
├── images/                         # Screenshots and diagrams
├── README.md
└── LICENSE

🔧 How It Works

The Complete Workflow

User: "Lunch $60, card ending in 4532"
    ↓
1. Claude loads expense-policy skill
    ↓
2. Skill validates: $60 < $75 ✓
    ↓
3. Skill runs: python redact.py "...card ending in 4532"
    ↓
4. Script returns: {"redacted_text": "...[REDACTED]", "has_pii": true}
    ↓
5. Skill calls: expense-policy_submitExpense(amount=60, description="...[REDACTED]")
    ↓
6. MCP server submits to your system
    ↓
7. Returns: "Expense EXP-xxx submitted!"

Key observation: Raw PII never reaches the MCP server or external systems. Redaction happens in step 3, before any external calls.

🎨 Features

Claude Skills (Workflow Layer)

• Policy enforcement logic
• Expense category validation
• User-friendly error messages
• Workflow orchestration

Python Scripts (Security Layer)

• Deterministic PII redaction
• Credit card number detection
• SSN and phone number masking
• Fast, testable, no API costs

MCP Server (Integration Layer)

• Stdio mode (auto-managed by Claude Code)
• HTTP mode (for testing: node dist/index.js --http)
• Tool: expense-policy_submitExpense
• Ready for your database/API integration

🌍 Real-World Applications

This architecture works for any workflow needing policy enforcement and data protection:

1. Customer Support Ticketing

• Validate ticket priority against SLA rules
• Redact customer PII (emails, phones, addresses)
• Submit to Zendesk/Jira via MCP tool

2. Document Processing

• Validate document format and metadata
• Redact sensitive sections (SSNs, account numbers)
• Upload to S3/GCS via MCP tool

3. Healthcare Data Entry

• Validate against HIPAA compliance rules
• Redact patient identifiers (MRN, DOB)
• Submit to EHR system via MCP tool

4. Financial Reporting

• Validate transaction amounts against limits
• Mask account numbers and PINs
• Submit to accounting system via MCP tool

🔒 Security & Privacy

PII Protection

• Automatic redaction of credit cards, SSNs, phone numbers
• Redaction happens first - before any external API calls
• Deterministic scripts - no LLM uncertainty
• Testable - regex patterns are unit-testable

Data Handling

• Runs entirely locally on your machine
• No data sent to external services (except your own MCP integrations)
• Skills and scripts are version-controlled and auditable
• Perfect for compliance requirements (GDPR, HIPAA, PCI-DSS)

📊 Performance & Cost

Cost Example: For 10,000 expense submissions

• Traditional: ~$100 (LLM redaction + validation)
• Skills + MCP: ~$10 (workflow orchestration only)
• Savings: $90 (90% cost reduction)

🛠️ Development

Running Tests

# Test PII redaction script
cd .claude/skills/expense-policy/scripts
python3 redact.py "Card 4532-1234-5678-9012, call 555-123-4567"

# Test MCP server (HTTP mode)
cd mcp-server
node dist/index.js --http

# In another terminal:
curl http://localhost:3000/health
curl http://localhost:3000/tools
curl -X POST http://localhost:3000/tool/call \
  -H "Content-Type: application/json" \
  -d '{
    "name": "expense-policy_submitExpense",
    "arguments": {
      "amount": 60,
      "category": "meals",
      "date": "2024-01-20",
      "description": "Business lunch"
    }
  }'

Customization

Modify expense limits - Edit .claude/skills/expense-policy/SKILL.md:

## Policy Rules
- **Meals**: Maximum $100 per person  # Changed from $75
- **Travel**: Maximum $750 per trip   # Changed from $500

Add new PII patterns - Edit .claude/skills/expense-policy/scripts/redact.py:

def redact_custom(text: str) -> str:
    # Add your custom redaction patterns
    pattern = r'your-pattern-here'
    return re.sub(pattern, '[REDACTED]', text)

Connect your database - Edit mcp-server/src/tools/submitExpense.ts:

// Replace mock with your actual database
import { db } from './your-database';

export async function submitExpense(input: ExpenseSubmission) {
  const result = await db.expenses.create(input);
  return result;
}

📚 Learn More

• 📖 Full Tutorial on Medium - Complete step-by-step guide
• 📘 Claude Skills Documentation - Official skills guide
• 🔧 Model Context Protocol - MCP specification
• 💻 MCP SDK - TypeScript

🤝 Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

Ideas for Contributions:

• Add more PII detection patterns (emails, addresses)
• Create additional expense categories
• Add receipt OCR integration
• Build web UI for expense submission
• Add multi-currency support
• Create Docker compose setup
• Add comprehensive test suite

📝 License

This project is licensed under the MIT License - see the file for details.

🙏 Acknowledgments

• Built with Claude Code CLI
• Uses Model Context Protocol by Anthropic
• Inspired by real-world expense management needs

📧 Questions?

• Blog: Read the full tutorial
• Issues: Open an issue
• X: @imjageen

⭐ Star This Repo

If you found this helpful, please ⭐️ this repository and share it with others building AI agents!

Keywords: claude-ai claude-skills model-context-protocol mcp ai-agents expense-automation pii-redaction llm automation python typescript anthropic tutorial artificial-intelligence expense-management