refactor: update injection display name and add max tokens docs

- Change agent prefix from [SQLi/Cmd] to [Injection] to reflect expanded scope - Add README documentation for CLAUDE_CODE_MAX_OUTPUT_TOKENS environment variable This update aligns the display naming with the expanded injection analysis scope that now covers SQLi, Command Injection, LFI/RFI, SSTI, Path Traversal, and Insecure Deserialization vulnerabilities. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2026-02-12 17:22:50 +00:00 · 2025-11-03 10:21:17 -08:00
parent 4224d1c4f4
commit 939398074f
2 changed files with 13 additions and 3 deletions
--- a/README.md
+++ b/README.md
@@ -99,6 +99,16 @@ Shannon is available in two editions:

 You need either a **Claude Code OAuth token** or an **Anthropic API key** to run Shannon. Get your token from the [Anthropic Console](https://console.anthropic.com) and pass it to Docker via the `-e` flag.

+### Environment Configuration (Optional)
+
+To prevent Claude Code from hitting token limits during long report generation, set the max output tokens before running Shannon:
+
+```bash
+export CLAUDE_CODE_MAX_OUTPUT_TOKENS=64000
+```
+
+This is especially useful for extensive penetration testing reports or when analyzing large codebases.
+
 ### Quick Start with Docker

 #### Build the Container