From aeef04ee004e750bd7d7309617bc8487665b6bca Mon Sep 17 00:00:00 2001
From: rarebuffalo <info.krishnasingh.codes@gmail.com>
Date: Mon, 15 Jun 2026 01:02:00 +0530
Subject: [PATCH] add a 1000 candidate file capping safeguard to discovery walk

---
 cli/securelens/scanners/__init__.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/cli/securelens/scanners/__init__.py b/cli/securelens/scanners/__init__.py
index 992497d..a3c22c9 100644
--- a/cli/securelens/scanners/__init__.py
+++ b/cli/securelens/scanners/__init__.py
@@ -150,6 +150,12 @@ def discover_files(root: Path, cfg: CLIConfig) -> list[Path]:
                 continue
             candidates.append(p)
 
+            # Capping safeguard: limit to 1000 candidate files
+            if len(candidates) >= 1000:
+                break
+        if len(candidates) >= 1000:
+            break
+
     return sorted(candidates)