diff --git a/src/main.el b/src/main.el
index f431ac7..09c249e 100644
--- a/src/main.el
+++ b/src/main.el
@@ -1084,6 +1084,10 @@ fn handle_request_inner(method: String, path: String, body: String) -> String {
 if str_eq(msg, "") {
 return "{\"error\":\"message required\"}"
 }
+ // Input length guard: ~2000 tokens ≈ 8000 characters
+ if str_len(msg) > 8000 {
+ return "{\"error\":\"Message too long. Please keep your message under 8000 characters.\"}"
+ }
 // Rate limit: 10 chats per uid per day (UTC day, keyed by uid).
 // State key: "__rl_" → "|"
 // day_number = unix_timestamp / 86400 (integer UTC day)
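Review bot: The new guard `if str_len(msg) > 8000` bounds only the extracted `msg`, apparently after `body` has already been received and parsed, so it caps the downstream token cost but not the memory and parse work of an oversized request body. If nothing upstream of handle_request_inner enforces a body-size limit (not visible in this hunk), one should be added before parsing. It is also worth confirming whether `str_len` counts bytes or characters: if it counts bytes, multi-byte UTF-8 text is rejected well below 8000 characters, and the comment and error text should say bytes. The error text says "under 8000 characters" while the check accepts exactly 8000, so `at most 8000 characters` would match the condition. The function body starts and ends outside the hunk.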