base44 · ozsay · Feb 1, 2026 · Jan 30, 2026
diff --git a/skills/base44-cli/SKILL.md b/skills/base44-cli/SKILL.md
@@ -126,20 +126,34 @@ my-app/
 **config.jsonc example:**
 ```jsonc
 {
-  "name": "My App",
-  "description": "App description",
-  "entitiesDir": "./entities",
-  "functionsDir": "./functions",
-  "agentsDir": "./agents",
-  "site": {
-    "installCommand": "npm install",
-    "buildCommand": "npm run build",
-    "serveCommand": "npm run dev",
-    "outputDirectory": "./dist"
+  "name": "My App",                    // Required: project name
+  "description": "App description",    // Optional: project description
+  "entitiesDir": "./entities",         // Optional: default "entities"
+  "functionsDir": "./functions",       // Optional: default "functions"
+  "agentsDir": "./agents",             // Optional: default "agents"
+  "site": {                            // Optional: site deployment config
+    "installCommand": "npm install",   // Optional: install dependencies
+    "buildCommand": "npm run build",   // Optional: build command
+    "serveCommand": "npm run dev",     // Optional: local dev server
+    "outputDirectory": "./dist"        // Optional: build output directory
   }
 }
 ```
 
+**Config properties:**
+
+| Property | Description | Default |
+|----------|-------------|---------|
+| `name` | Project name (required) | - |
+| `description` | Project description | - |
+| `entitiesDir` | Directory for entity schemas | `"entities"` |
+| `functionsDir` | Directory for backend functions | `"functions"` |
+| `agentsDir` | Directory for agent configs | `"agents"` |
+| `site.installCommand` | Command to install dependencies | - |
+| `site.buildCommand` | Command to build the project | - |
+| `site.serveCommand` | Command to run dev server | - |
+| `site.outputDirectory` | Build output directory for deployment | - |
+
 ## Installation
 
 Install the Base44 CLI as a dev dependency in your project:
@@ -210,9 +224,10 @@ ALWAYS follow this exact structure when creating entity files:
 }
 ```
 
-**Field types:** `string`, `number`, `boolean`, `array`
-**String formats:** `date`, `date-time`, `email`, `uri`, `richtext`
+**Field types:** `string`, `number`, `integer`, `boolean`, `array`, `object`, `binary`
+**String formats:** `date`, `date-time`, `time`, `email`, `uri`, `hostname`, `ipv4`, `ipv6`, `uuid`, `file`, `regex`, `richtext`
 **For enums:** Add `"enum": ["value1", "value2"]` and optionally `"default": "value1"`
+**Entity names:** Must be alphanumeric only (pattern: `/^[a-zA-Z0-9]+$/`)
 
 For complete documentation, see [entities-create.md](references/entities-create.md).
 
@@ -255,7 +270,13 @@ Agents are conversational AI assistants that can interact with users, access you
 }
 ```
 
-**Naming rules:** Agent names must be lowercase alphanumeric with underscores only (e.g., `support_agent`, `order_bot`)
+**Naming rules:** 
+- Agent names must match pattern: `/^[a-z0-9_]+$/` (lowercase alphanumeric with underscores, 1-100 chars)
+- Valid: `support_agent`, `order_bot`
+- Invalid: `Support-Agent`, `OrderBot`
+
+**Required fields:** `name`, `description`, `instructions`
+**Optional fields:** `tool_configs` (defaults to `[]`), `whatsapp_greeting`
 
 **Tool config types:**
 - **Entity tools**: `entity_name` + `allowed_operations` (array of: `read`, `create`, `update`, `delete`)

diff --git a/skills/base44-cli/references/agents-push.md b/skills/base44-cli/references/agents-push.md
@@ -70,21 +70,21 @@ Each agent file should be a `.jsonc` file in `base44/agents/` with this structur
 
 ```jsonc
 {
-  "name": "agent_name",
-  "description": "Brief description of what this agent does",
-  "instructions": "Detailed instructions for the agent's behavior",
-  "tool_configs": [
+  "name": "agent_name",              // Required: lowercase alphanumeric with underscores, 1-100 chars
+  "description": "Brief description of what this agent does",  // Required: min 1 char
+  "instructions": "Detailed instructions for the agent's behavior",  // Required: min 1 char
+  "tool_configs": [                  // Optional: defaults to []
     // Entity tool - gives agent access to entity operations
     { "entity_name": "Task", "allowed_operations": ["read", "create", "update", "delete"] },
     // Backend function tool - gives agent access to a function
     { "function_name": "send_email", "description": "Send an email notification" }
   ],
-  "whatsapp_greeting": "Hello! How can I help you today?"
+  "whatsapp_greeting": "Hello! How can I help you today?"  // Optional
 }
 ```
 
 **Naming rules:**
-- **Agent names** must be lowercase alphanumeric with underscores only
+- **Agent names** must match pattern: `/^[a-z0-9_]+$/` (lowercase alphanumeric with underscores only, 1-100 characters)
   - Valid: `support_agent`, `order_bot`, `task_helper`
   - Invalid: `Support-Agent`, `OrderBot`, `task helper`
 - **Agent file names** must use underscores (matching the agent name)
@@ -94,6 +94,13 @@ Each agent file should be a `.jsonc` file in `base44/agents/` with this structur
   - Valid: `"entity_name": "Task"`, `"entity_name": "TeamMember"`
   - Invalid: `"entity_name": "task"`, `"entity_name": "team_member"`
 
+**Required fields:**
+- `name`: Required, must follow naming rules above
+- `description`: Required, minimum 1 character
+- `instructions`: Required, minimum 1 character
+- `tool_configs`: Optional, defaults to empty array
+- `whatsapp_greeting`: Optional
+
 ### Common Mistake: Wrong tool_configs Format
 
 **WRONG** - Do NOT use `tools` with `type` and `entity`:

diff --git a/skills/base44-cli/references/entities-create.md b/skills/base44-cli/references/entities-create.md
@@ -116,7 +116,7 @@ With format:
 }
 ```
 
-Available formats: `date`, `date-time`, `email`, `uri`, `richtext`
+Available formats: `date`, `date-time`, `time`, `email`, `uri`, `hostname`, `ipv4`, `ipv6`, `uuid`, `file`, `regex`, `richtext`
 
 ### String with Enum
 
@@ -143,6 +143,32 @@ Constrained to specific values:
 }
 ```
 
+### Integer
+
+For whole numbers only:
+```jsonc
+{
+  "quantity": {
+    "type": "integer",
+    "description": "Item quantity",
+    "minimum": 0,
+    "maximum": 1000
+  }
+}
+```
+
+### Binary
+
+For file/blob data:
+```jsonc
+{
+  "attachment": {
+    "type": "binary",
+    "description": "File attachment"
+  }
+}
+```
+
 ### Boolean
 
 ```jsonc
@@ -188,15 +214,23 @@ Constrained to specific values:
 
 ## Field Properties
 
-| Property      | Description                                                  |
-| ------------- | ------------------------------------------------------------ |
-| `type`        | Data type: `string`, `number`, `boolean`, `array`, `object`  |
-| `description` | Human-readable description of the field                      |
-| `enum`        | Array of allowed values (for strings)                        |
-| `default`     | Default value when not provided                              |
-| `format`      | Format hint: `date`, `date-time`, `email`, `uri`, `richtext` |
-| `items`       | Schema for array items                                       |
-| `properties`  | Nested properties for object types                           |
+| Property      | Description                                                                              |
+| ------------- | ---------------------------------------------------------------------------------------- |
+| `type`        | Data type: `string`, `number`, `integer`, `boolean`, `array`, `object`, `binary`         |
+| `description` | Human-readable description of the field                                                  |
+| `enum`        | Array of allowed values (for strings)                                                    |
+| `enumNames`   | Human-readable labels for enum values (same order as `enum`)                             |
+| `default`     | Default value when not provided                                                          |
+| `format`      | Format hint: `date`, `date-time`, `time`, `email`, `uri`, `hostname`, `ipv4`, `ipv6`, `uuid`, `file`, `regex`, `richtext` |
+| `items`       | Schema for array items                                                                   |
+| `properties`  | Nested properties for object types                                                       |
+| `$ref`        | Reference to another schema definition                                                   |
+| `minLength`   | Minimum string length                                                                    |
+| `maxLength`   | Maximum string length                                                                    |
+| `pattern`     | Regex pattern for string validation                                                      |
+| `minimum`     | Minimum value for numbers                                                                |
+| `maximum`     | Maximum value for numbers                                                                |
+| `rls`         | Field-level security rules (see Field Level Security section)                            |
 
 ## Complete Example
 
@@ -252,7 +286,10 @@ Here's a complete entity definition for a Task:
 
 ## Naming Conventions
 
-- **Entity name**: Use PascalCase (e.g., `Task`, `TeamMember`, `ActivityLog`)
+- **Entity name**: Use PascalCase with alphanumeric characters only (e.g., `Task`, `TeamMember`, `ActivityLog`)
+  - Must match pattern: `/^[a-zA-Z0-9]+$/`
+  - Valid: `Task`, `TeamMember`, `Order123`
+  - Invalid: `Team_Member`, `Team-Member`, `Team Member`
 - **File name**: Use kebab-case matching the entity (e.g., `task.jsonc`, `team-member.jsonc`, `activity-log.jsonc`)
 - **Field names**: Use snake_case (e.g., `board_id`, `user_email`, `due_date`)
 
@@ -281,14 +318,15 @@ Row Level Security (RLS) controls which records users can access based on their
 
 ### RLS Operations
 
-RLS supports four operations:
+RLS supports five operations:
 
 | Operation | Description |
 |-----------|-------------|
 | `create` | Control who can add new records |
 | `read` | Control who can view records |
 | `update` | Control who can modify records |
 | `delete` | Control who can remove records |
+| `write` | Shorthand for `create`, `update`, and `delete` combined |
 
 ### Permission Values
 
@@ -339,8 +377,9 @@ There are two condition types you can use:
 ```
 
 **Important limitations:**
-- Only **simple equality** is supported (no operators like `$ne`, `$gt`, `$in`, etc.)
-- MongoDB-style operators (`$and`, `$or`, `$in`, `$nin`, `$ne`) are **NOT supported** in JSON schema RLS
+- `user_condition` only supports **simple equality** (e.g., `{ "role": "admin" }`)
+- For `data.*` field comparisons, you can use operators: `$in`, `$nin`, `$ne`, `$all`
+- Logical operators `$or`, `$and`, `$nor` are available for combining conditions
 - You cannot filter by entity field values directly (e.g., `{"status": "published"}`)
 - Only user-related conditions are allowed
 
@@ -433,12 +472,15 @@ There are two condition types you can use:
 
 ### Limitations
 
-- **No MongoDB operators:** `$and`, `$or`, `$in`, `$nin`, `$ne`, `$gt`, `$lt`, `$regex`, `$expr`, `$where` are NOT supported
+- **user_condition is equality only:** `user_condition` only supports exact match (e.g., `{ "role": "admin" }`) - no operators
+- **No comparison operators on user_condition:** `$gt`, `$lt`, `$regex`, `$expr`, `$where` are NOT supported for user conditions
 - **No entity field filtering:** Cannot filter by entity field values (e.g., `{"status": "published"}`)
-- **Simple equality only:** `user_condition` only supports exact match (e.g., `{ "role": "admin" }`)
-- **Single condition per operation:** Each operation can only have one condition (no combining multiple rules)
 - **No deeply nested templates:** Templates like `{{user.data.profile.department}}` may not work
 
+**Supported operators:**
+- **Logical operators:** `$or`, `$and`, `$nor` for combining multiple conditions
+- **Field operators (for `data.*` fields only):** `$in`, `$nin`, `$ne`, `$all`
+
 ### Complex Access Patterns
 
 For complex access patterns that require multiple conditions (e.g., "owner OR admin"), you have two options:
@@ -449,11 +491,55 @@ For complex access patterns that require multiple conditions (e.g., "owner OR ad
 
 ## Field Level Security (FLS)
 
-**Note:** Field Level Security (FLS) is **NOT currently available** in Base44. You can only set security rules for entire entities (rows/records), not for individual fields within those records.
+Field Level Security allows you to control access to individual fields within an entity. FLS rules are defined within each field's schema using the `rls` property.
+
+### FLS Operations
+
+FLS supports the same operations as entity-level RLS:
+
+| Operation | Description |
+|-----------|-------------|
+| `create` | Control who can set this field when creating records |
+| `read` | Control who can view this field |
+| `update` | Control who can modify this field |
+| `delete` | Control who can clear this field |
+| `write` | Shorthand for `create`, `update`, and `delete` combined |
+
+### FLS Example
+
+```jsonc
+{
+  "name": "Employee",
+  "type": "object",
+  "properties": {
+    "name": {
+      "type": "string",
+      "description": "Employee name"
+    },
+    "salary": {
+      "type": "number",
+      "description": "Employee salary",
+      "rls": {
+        "read": { "user_condition": { "role": "hr" } },
+        "update": { "user_condition": { "role": "hr" } }
+      }
+    },
+    "department": {
+      "type": "string",
+      "description": "Department name"
+    }
+  },
+  "required": ["name"]
+}
+```
+
+In this example, only users with the `hr` role can read or update the `salary` field. All users with access to the entity can read/update other fields.
+
+### FLS Notes
 
-If you need different access levels for different fields, the recommended approach is to split your data into separate entities:
-- Public data in one entity (with `read: true`)
-- Protected data in another entity (with appropriate RLS rules)
+- If no field-level RLS is defined, the field inherits the entity-level RLS rules
+- FLS rules follow the same condition format as entity-level RLS
+- Use FLS for sensitive fields like salary, SSN, or internal notes
 
 ## Pushing Entities
 

diff --git a/skills/base44-cli/references/functions-create.md b/skills/base44-cli/references/functions-create.md
@@ -41,8 +41,8 @@ Each function requires a `function.jsonc` configuration file:
 
 | Property | Description | Required |
 |----------|-------------|----------|
-| `name` | Function name (must not contain dots) | Yes |
-| `entry` | Entry point file path relative to the function directory | Yes |
+| `name` | Function name (must match `/^[^.]+$/` - no dots allowed) | Yes |
+| `entry` | Entry point file path relative to the function directory (min 1 char) | Yes |
 
 ## Entry Point File
 
@@ -197,7 +197,9 @@ Deno.serve(async (req) => {
 ## Naming Conventions
 
 - **Directory name**: Use kebab-case (e.g., `process-order`, `send-notification`)
-- **Function name**: Match the directory name, no dots allowed
+- **Function name**: Match the directory name, must match pattern `/^[^.]+$/` (no dots allowed)
+  - Valid: `process-order`, `send_notification`, `myFunction`
+  - Invalid: `process.order`, `send.notification.v2`
 - **Entry file**: Typically `index.ts` or `index.js`
 
 ## Deploying Functions