孫昊

Posted on May 6

Manifest-driven dashboard so I'd never maintain another INDEX.md (Flask)

#indie #python #flask #productivity

dev.to article #29 (paste-ready) — I built a manifest-driven dashboard so I'd never maintain another INDEX.md

Calendar: 2026-06-12 09:00 PT
Tags: #indie #python #flask #productivity #dashboard
Word count: 1850
Cover image: 1000×420 — dashboard screenshot with TODO/Check/Run panels

TL;DR

After 100 ticks of indie hacking, I had 50+ markdown files (research, drafts, SOPs, code) scattered across INBOX/, reports/, products/, and 6 Swift app repos. My INDEX.md was always stale because I'd ship a file and forget to update the index.

So I rebuilt the index. Manifest-first: every shipped asset gets YAML frontmatter, the dashboard auto-scans, no manual maintenance. One refresh button = always current.

Here's the architecture, the code, and what surprised me.

The problem (you've felt this)

Open your indie hacker repo. You probably have:

INBOX/ with 20+ "what to do today" notes
reports/ with 50+ research docs and paste-ready content
products/ with Gumroad SKU drafts and B2B kits
5+ scaffold repos with READMEs nobody reads

You wrote a MASTER-INDEX.md once. It's stale within 3 days because every new asset means manually editing the index. Eventually you stop maintaining it. Three months later you can't find your own work.

I had this exact problem at Tick #100. So I built the alternative.

The principle: manifest-first

Every asset carries its own metadata. The dashboard reads that metadata at runtime. No central registry. Ship a file → it appears in the dashboard immediately.

This is the same pattern Claude Code uses for skills (SKILL.md with YAML frontmatter), Hugo uses for pages, Jekyll uses for posts, Docusaurus uses for docs. It's the 2026 industry default for content-rich systems with auto-discovery.

What did I add? An indie-hacker-specific schema and a Flask dashboard that scans my project tree.

The schema (10 categories, 5 required fields, 16 actions)

---
id: ios-pricing-decision
title: iOS Buyout vs Subscription Decision
category: ios-pricing      # one of 10 enum values
priority: P0               # P0/P1/P2/P3
status: ready              # ready/scaffold/draft/done
eta_min: 30
revenue_usd_month: "200-500"
actions: [preview, copy-clipboard, open-asc]
tags: [ios, pricing, paywall]
created: 2026-05-06
---

# iOS Buyout vs Subscription Decision
...

Required: id, title, category, priority. Optional: eta_min, revenue_usd_month, actions, tags, ice_score, tier_price_usd, command, depends_on.

Categories form three semantic groups in the dashboard:

TODO — todo (P0/P1 user must execute)
Check — idea, roadmap (user reviews + approves)
Run — automation, runnable scripts with command field

This maps to the user's role: strategic check + product review. Everything else CC (my agent) executes autonomously.

The scanner (~50 lines that drive everything)

import os
import re
import yaml
from pathlib import Path

MD_FRONTMATTER = re.compile(r"^---\s*\n(.*?)\n---\s*\n", re.DOTALL)
PY_FRONTMATTER = re.compile(r'"""[\s\S]*?---manifest---\s*\n(.*?)\n---\s*\n', re.DOTALL)

SKIP_DIRS = {".git", "node_modules", "__pycache__", "archive", "dashboard"}

def parse_frontmatter(file_path: Path) -> dict | None:
    if file_path.suffix not in {".md", ".py", ".sh", ".yaml"}:
        return None
    content = file_path.read_text(encoding="utf-8", errors="replace")[:4000]
    if file_path.suffix == ".md":
        m = MD_FRONTMATTER.match(content)
    elif file_path.suffix == ".py":
        m = PY_FRONTMATTER.search(content)
    else:
        return None
    if not m:
        return None
    return yaml.safe_load(m.group(1))

def scan(root: Path):
    discovered = []
    for current, dirs, files in os.walk(root):
        dirs[:] = [d for d in dirs if d not in SKIP_DIRS]
        for fn in files:
            data = parse_frontmatter(Path(current) / fn)
            if data and all(k in data for k in ("id", "title", "category", "priority")):
                discovered.append(data)
    return discovered

That's it. Walk the tree, read first 4 KB of each file, extract YAML, validate required fields, return list. Refresh = re-scan.

The 16 actions (replace user with CC)

The dashboard surfaces buttons per asset. Each button maps to an action handler:

URL_TARGETS = {
    "open-asc": "https://appstoreconnect.apple.com/apps",
    "check-email": "https://mail.google.com/mail/u/0/#inbox",
    "open-gumroad": "https://gumroad.com/products/new",
    "open-substack": "https://autoappnotes.substack.com/publish/posts/drafts",
    # ... 9 total URL actions
}

def handle_action(action: str, asset_path: str, command: str) -> dict:
    if action == "open-editor":
        os.startfile(asset_path)
        return {"success": True}
    if action in URL_TARGETS:
        os.startfile(URL_TARGETS[action])
        return {"success": True}
    if action == "copy-clipboard":
        text = Path(asset_path).read_text(encoding="utf-8")
        subprocess.run(["clip"], input=text, encoding="utf-16-le")
        return {"success": True, "chars": len(text)}
    if action == "run-script":
        result = subprocess.run(shlex.split(command), capture_output=True, timeout=30, cwd=ROOT)
        return {
            "success": result.returncode == 0,
            "stdout": result.stdout.decode()[-5000:],
            "stderr": result.stderr.decode()[-2000:],
        }
    # ... mark-done, export-pdf, etc.

Subprocess uses shell=False + shlex.split() for security (commands come from manifest = trusted, but defense in depth).

The three panels (this is where users live)

The dashboard's home page is structured around the user's mental model:

1. TODO panel (top)

P0/P1 items the user must execute, sorted by priority. Each card:

Priority badge + ETA + expected revenue
One big "▶ 立即做" button → triggers CC autonomous action
"✓ done" toggle persisted to data/actions.json

2. Check panel (middle)

Ideas + roadmap items the user reviews. The user's strategic role.

3. Run panel (bottom)

A table of runnable scripts. Click "▶ 运行" → subprocess → output drawer slides up with stdout/stderr.

What surprised me

Surprise 1: subprocess injection is real even on localhost

I started with subprocess.run(command, shell=True). After 10 minutes I read the Flask security docs and switched to shlex.split() + shell=False. Even on 127.0.0.1, the manifest could have a typo or future bug that breaks containment.

Surprise 2: Chinese filenames in Windows GBK encoding break stdout pipes

I used python -c "..." > output.html for HTML generation. Worked on macOS. Failed on Windows because Chinese emoji in markdown → UnicodeEncodeError: 'gbk' codec can't encode '❌'.

Fix: write to file directly inside Python instead of via shell redirect. Always set PYTHONIOENCODING=utf-8 in any indie tool that touches non-ASCII content.

Surprise 3: Chrome headless --print-to-pdf is plenty for indie SKUs

I almost installed pandoc + LaTeX (4 GB). Then I realized Chrome is already on every dev machine. Chrome --headless=new --print-to-pdf=out.pdf input.html produces clean PDFs in <2 seconds. Same engine as web preview = WYSIWYG.

Caveat: use --user-data-dir=$TMP/... or you'll fight with the user's running Chrome.

Surprise 4: auto-discovery removes 90% of cognitive overhead

Before manifest-first I'd ship a doc and think "now where do I link this from?" Now I just write the frontmatter and click Refresh. The dashboard's 42 assets came from 39 files (some files = scaffold repos with their own manifest). Zero index files maintained.

The boundary I won't cross

Per my user feedback rules:

✅ Open URLs / fill forms / run scripts / pre-fill drafts
🚫 Click "Submit" / agree to ToS / send 2FA codes / sign legal agreements

The dashboard takes you 95% of the way to "shipped" but stops at the legal/identity moment. That's intentional — the user maintains the final decision (Publish, Send, I-Agree).

Should you build this?

Build it if:

You ship 5+ markdown/code assets per week and forget where things are
You hate maintaining index files
You like Markdown + YAML over proprietary tools (Notion AI is wonderful but vendor-locked)

Don't build it if:

You're a solo writer with <10 files (Notion is fine)
Your assets are mostly binary (Figma/video — different problem)

For me, it took ~3 hours to ship a commercial-grade version (Flask + 700 LOC CSS + 200 LOC JS + 480 LOC scanner backend), and saves ~30 minutes per week from never maintaining an index again.

Plus: the Day 30 review now tells me at a glance which categories are getting traction, because every new asset auto-tags itself.

Code

I'm cleaning up the dashboard for a $39 Gumroad SKU ("manifestkit") if there's interest. Drop a comment if you'd buy it.

For now, the schema and scanner are open-source-friendly Markdown + Python with no proprietary deps.

A/B subject candidates

"I built a manifest-driven dashboard so I'd never maintain another INDEX.md"
"How I auto-index 50+ markdown files with YAML frontmatter (Flask + 480 LOC)"
"Why I deleted my MASTER-INDEX.md and built a dashboard that scans manifests"
"Manifest-first dashboard: 3 hours to build, never maintain an index again"

Cross-platform plan

Platform	Date	Variant
dev.to	2026-06-12	This piece
Substack	2026-06-13	Long-form business angle
Reddit r/Python	2026-06-12	Self-promo + code
HN Show HN	2026-06-13	"Show HN: manifestkit"
知乎	2026-06-15	Chinese version

DEV Community