diff --git a/modules/security/optimize-ct-limit.sh b/modules/security/optimize-ct-limit.sh
index 4143d18..544100f 100755
--- a/modules/security/optimize-ct-limit.sh
+++ b/modules/security/optimize-ct-limit.sh
@@ -804,7 +804,7 @@ apply_recommendation() {
 main() {
     # Check for auto mode
     local AUTO_MODE=0
-    if [ "$1" = "--auto" ] || [ "$1" = "-a" ]; then
+    if [ "${1:-}" = "--auto" ] || [ "${1:-}" = "-a" ]; then
         AUTO_MODE=1
     fi
 
diff --git a/tools/toolkit-qa-check.sh b/tools/toolkit-qa-check.sh
index 9b4651f..b42a183 100755
--- a/tools/toolkit-qa-check.sh
+++ b/tools/toolkit-qa-check.sh
@@ -472,12 +472,33 @@ while read -r file; do
         func_name=$(echo "$func_line" | sed 's/^\s*//; s/(.*$//')
 
         # Check if function uses parameters (exclude AWK/sed field references)
-        # Get function body - need to handle multi-line AWK/sed blocks
-        func_body=$(grep -A 20 "^[[:space:]]*$func_name()" "$file" 2>/dev/null)
+        # First check if this is an inline function definition (entire function on one line)
+        inline_func=$(grep -n "^[[:space:]]*$func_name()" "$file" | head -1 | grep -o '{.*}')
 
-        # Remove AWK blocks completely (from awk ' to closing ')
-        # This handles multi-line AWK scripts where $1 is AWK field reference
-        func_body_clean=$(echo "$func_body" | sed '/awk.*'"'"'/,/'"'"'/d' | grep -v 'sed ')
+        if [ -n "$inline_func" ]; then
+            # Inline function - check if it's just an echo/print wrapper
+            if echo "$inline_func" | grep -qE '^\s*\{\s*echo.*\$[1-9].*\}\s*$'; then
+                continue  # Skip echo wrappers
+            fi
+            func_body="$inline_func"
+        else
+            # Multi-line function - extract body properly
+            func_body=$(awk -v fname="$func_name" '
+                $0 ~ "^[[:space:]]*" fname "\\(\\)" { found=1; next }
+                found && /^[[:space:]]*[a-zA-Z_][a-zA-Z0-9_]*\s*\(\)/ { exit }
+                found && /^}$/ { print; exit }
+                found { print }
+            ' "$file" 2>/dev/null)
+        fi
+
+        # Remove AWK/sed blocks completely (multi-line scripts with $1-9 field refs)
+        # Removes from "awk" line through the closing standalone quote
+        func_body_clean=$(echo "$func_body" | awk '
+            /awk |sed / { skip=1 }
+            skip && /^[[:space:]]*'"'"'[[:space:]]*$/ { skip=0; next }
+            skip && /^[[:space:]]*"[[:space:]]*$/ { skip=0; next }
+            !skip { print }
+        ')
 
         # Use cleaned body for detection
         func_body="$func_body_clean"
@@ -500,9 +521,14 @@ while read -r file; do
             fi
 
             # Skip simple echo/print wrapper functions (validation not needed for display)
-            # If function only uses params in echo/print statements, it's safe
+            # Pattern 1: Functions defined inline with only echo (e.g., print_substatus() { echo -e "... $1"; })
+            if echo "$func_body" | grep -qE '^\s*\{\s*echo.*\$[1-9].*;\s*\}'; then
+                continue
+            fi
+
+            # Pattern 2: Multi-line functions that only use params in echo/print statements
             if echo "$func_body" | grep -E "^\s*(echo|printf|print)" | grep -q '\$[1-9]'; then
-                if ! echo "$func_body" | grep -v -E "^\s*(echo|printf|print|local|#)" | grep -q '\$[1-9]'; then
+                if ! echo "$func_body" | grep -v -E "^\s*(echo|printf|print|local|#|\{|\})" | grep -q '\$[1-9]'; then
                     continue
                 fi
             fi