diff --git a/.cursor/rules/database-patterns.mdc b/.cursor/rules/database-patterns.mdc
index a4f65f5fb..ec60a43b3 100644
--- a/.cursor/rules/database-patterns.mdc
+++ b/.cursor/rules/database-patterns.mdc
@@ -142,6 +142,29 @@ Schema::create('applications', function (Blueprint $table) {
 - **Soft deletes** for audit trails
 - **Activity logging** with Spatie package
 
+### **CRITICAL: Mass Assignment Protection**
+**When adding new database columns, you MUST update the model's `$fillable` array.** Without this, Laravel will silently ignore mass assignment operations like `Model::create()` or `$model->update()`.
+
+**Checklist for new columns:**
+1. ✅ Create migration file
+2. ✅ Run migration
+3. ✅ **Add column to model's `$fillable` array**
+4. ✅ Update any Livewire components that sync this property
+5. ✅ Test that the column can be read and written
+
+**Example:**
+```php
+class Server extends BaseModel
+{
+    protected $fillable = [
+        'name',
+        'ip',
+        'port',
+        'is_validating', // ← MUST add new columns here
+    ];
+}
+```
+
 ### Relationship Patterns
 ```php
 // Typical relationship structure in Application model
diff --git a/CLAUDE.md b/CLAUDE.md
index 6c594955c..34149d28a 100644
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -160,6 +160,7 @@ ### Database Patterns
 - Use database transactions for critical operations
 - Leverage query scopes for reusable queries
 - Apply indexes for performance-critical queries
+- **CRITICAL**: When adding new database columns, ALWAYS update the model's `$fillable` array to allow mass assignment
 
 ### Security Best Practices
 - **Authentication**: Multi-provider auth via Laravel Fortify & Sanctum