npx claudepluginhub d0gesec/pownieThis skill uses the workspace's default tool permissions.
CTF and offsec sessions are long-form by nature — multi-hour engagements with heavy tool output, iterative exploitation, and chained attack paths. Auto-compaction is destructive in this context because it fires at arbitrary points and silently drops exploit state, payload bytes, and enumeration results. This skill teaches when and how to compact strategically so you keep attacking momentum with...
Suggests manual /compact at strategic task boundaries in long Claude Code sessions and multi-phase workflows to preserve context over arbitrary auto-compaction.
Manages context windows in long Claude Code sessions: auto-triggers compaction at tool call thresholds, preserves critical info, coordinates state saves, injects dev/research/review behavioral modes.
Preserves critical context data before Claude Code's automatic compaction using snapshots and integrity verification to prevent information loss in complex projects.
Share bugs, ideas, or general feedback.
CTF and offsec sessions are long-form by nature — multi-hour engagements with heavy tool output, iterative exploitation, and chained attack paths. Auto-compaction is destructive in this context because it fires at arbitrary points and silently drops exploit state, payload bytes, and enumeration results. This skill teaches when and how to compact strategically so you keep attacking momentum without context rot.
Auto-compaction in a CTF session can:
Strategic compaction at phase boundaries avoids all of this because Neo4j graph data and workspace files persist independently.
Recon --> Enumeration --> Initial Access --> Post-Exploit Enum --> Lateral/Privesc --> Flag
| After this phase... | Compact? | Why |
|---|---|---|
| Full port scan + service enum | Yes | Nmap/gobuster output is massive. Findings are in Neo4j — you don't need raw output in context |
| Failed exploit chain (3+ attempts) | Yes | Dead-end reasoning pollutes context. Update attempts as failed in Neo4j first, then compact with fresh approach |
| Got initial shell + posted creds/shell | Yes | New user = fresh enumeration cycle. Prior exploitation context is noise now |
| Got new user (lateral movement) | Yes | Same as above — record creds/shell in Neo4j, compact, re-enumerate as new identity |
| Pivoting to completely different service | Yes | Web exploit context is useless for binary exploitation and vice versa |
| Situation | Why |
|---|---|
| Mid-exploit (payload assembled, not yet fired) | Payload bytes will be mangled or lost |
| Active binary analysis (offsets, gadgets identified) | ROP chains, canary values, libc offsets are hard to reconstruct |
| Multi-step CVE chain in progress | Intermediate state (tokens, session cookies, CSRF values) will vanish |
| Debugging a specific failure | Error context and hypothesis state are essential |
Before running /compact, verify all of these. Skipping any item means losing that state permanently:
mcp__neo4j__write_cypher; all attempt outcomes currentoutcome: 'failed' and output_summary/workspace/ (not just in conversation history)credential nodes with AUTHENTICATES_TO relationshipsAfter compacting, compact-state.md (auto-generated by PreCompact hook) provides orientation — target name, actual credential/service data, failed attempts, and recent command history. Run this sequence:
1. Read compact-state.md (if it exists) <- target name + actual data snapshot
2. mcp__neo4j__read_cypher: <- full structured state
MATCH (t:target)-[r*1..3]-(n)
UNWIND r AS rel
RETURN DISTINCT labels(n)[0] AS type, n.key AS key, properties(n) AS props
ORDER BY type, key
3. ls /workspace/ <- saved exploit scripts and notes
4. Read MEMORY.md <- auto-loaded, check for target-specific notes
compact-state.md gives you the quick orientation (creds, shells, what failed, recent commands). The recovery Cypher gives the full structured data. Together = full continuity.
Always use /compact with a targeted summary. Generic summaries lose critical state.
Bad: /compact (no message)
Bad: /compact Working on HTB machine
Good: /compact Got shell as www-data via SQLi on port 80. Creds for mysql user in DB. Next: enumerate internal services for lateral movement to user tom. Exploit script at /workspace/sqli.py
The summary becomes your session's "load-bearing context" — everything else is rebuilt from Neo4j and files.
| Persists | Lost |
|---|---|
| Neo4j graph (ports, creds, vulns, attempts, strategies, command_log) | Raw tool output (nmap, gobuster, etc.) |
Workspace files (/workspace/*.py, notes, exploits) | Intermediate reasoning and analysis |
Memory files (MEMORY.md, topic files) | Payload bytes in conversation history |
| CLAUDE.md + skill instructions | Multi-step conversation context |
| Git state (commits, branches) | User-stated preferences from this session |
| TodoWrite task list | Nuanced failure analysis ("it failed because...") |
/compact summary message | Everything else |
Auto-compaction cannot be fully replaced — disabling it causes "prompt is too long" hard errors that permanently kill the session. The correct strategy is to tune auto-compact as a safety net and manually compact before it fires.
| Component | Tokens | % |
|---|---|---|
| System prompt | ~2.7K | 1.3% |
| Built-in tools | ~16.8K | 8.4% |
| MCP tool definitions (kali, neo4j, etc.) | ~10-20K | 5-10% |
| CLAUDE.md + memory files + skills | ~5-10K | 2.5-5% |
| Auto-compact buffer (reserved, unusable) | ~33K | 16.5% |
| Available for conversation | ~120-133K | ~60-67% |
With heavy MCP server load (kali + neo4j), usable context drops to ~120K. Auto-compact fires at ~83.5% usage (~167K tokens used).
1. Tune auto-compact threshold (recommended: 70% for offsec):
# In shell profile (~/.zshrc or ~/.bashrc)
export CLAUDE_AUTOCOMPACT_PCT_OVERRIDE=70
# Or in project settings (.claude/settings.local.json)
{
"env": {
"CLAUDE_AUTOCOMPACT_PCT_OVERRIDE": "70"
}
}
Lower = fires earlier = preserves more context quality. At 70%, you get a larger buffer zone to manually compact before auto takes over.
2. Add Compact Instructions to CLAUDE.md (tells the summarizer what to keep):
## Compact Instructions
When compacting, always preserve:
- Target IP/hostname and current attack phase
- All discovered credentials and which services they access
- Current shell access (user, method, path)
- Active exploit chain state (what worked, what's next)
- File paths of saved exploit scripts in /workspace/
- Any CVE identifiers being exploited
These instructions survive compaction (they're in CLAUDE.md which reloads every turn) and guide the summarizer to keep attack-critical context.
3. PreCompact hook (pre-compact-save.sh — auto-saves Neo4j state):
The PreCompact hook fires before every compaction (auto or manual). It cannot block compaction, but it queries Neo4j and writes a rich compact-state.md so the post-compact agent can orient quickly.
What it does:
compact-state.md with: target, services, credentials, shells, flags, in-progress strategies, failed attempts, recent command historycompaction_event node in Neo4j for auditConfig (already set in .claude/settings.json):
{
"hooks": {
"PreCompact": [{
"matcher": "",
"hooks": [{
"type": "command",
"command": "\"$CLAUDE_PROJECT_DIR\"/.claude/skills/strategy-compact/pre-compact-save.sh"
}]
}]
}
}
"matcher": "" catches ALL compactions (auto + manual).
Post-compact recovery flow:
Compaction fires
-> pre-compact-save.sh queries Neo4j -> writes compact-state.md
-> compaction runs (conversation context is summarized)
-> post-compact agent sees compact summary + compact-state.md
-> agent runs: mcp__neo4j__read_cypher with recovery Cypher
-> full structured state rebuilt from Neo4j
compact-state.md is a data-rich orientation file — it carries actual credentials, services, failed attempts, and command history so the agent can act immediately. The recovery Cypher gives full structured detail.
4. Disable auto-compact entirely (NOT recommended — causes hard failures):
# Only if you are disciplined about manual /compact
claude config set -g autoCompactEnabled false
# Lives in ~/.claude.json (NOT settings.json)
If you disable auto-compact, you MUST manually /compact before context fills or the session dies with "prompt is too long" — an unrecoverable error.
| Usage % | Zone | Behavior |
|---|---|---|
| 0-50% | Green | Full precision, all details retained |
| 50-70% | Yellow | Minor precision loss, good time for proactive compact |
| 70-85% | Orange | Noticeable degradation, hallucination risk rises |
| 85-90% | Red | Unreliable — responses shorten, context references fail |
| 90%+ | Critical | "Prompt is too long" imminent — /compact NOW or lose session |
This error is different from auto-compaction. It means the total prompt (system + tools + CLAUDE.md + conversation) exceeded the model's hard limit. Once triggered, the session is permanently dead — every subsequent input returns the same error.
Causes:
Prevention:
CLAUDE_AUTOCOMPACT_PCT_OVERRIDE=70 as a safety net/compact at phase boundaries (the whole point of this skill)/clear between completely unrelated tasks/mcp to audit MCP server token costs; disable servers you're not using| Situation | Action |
|---|---|
| Session feels sluggish, losing context | /compact with targeted summary |
| "Prompt is too long" error | claude --continue to resume in fresh session, or claude --resume to pick a session |
| Switching from one HTB box to another | /clear (not compact — unrelated context is pure noise) |
| Multi-hour session, natural break | /compact, close terminal, resume later with claude --continue |
| Need parallel investigation | Use Agent tool with subagents (isolated 200K context each) |
When approaching context limits, use these to decide:
| Anti-Pattern | Why It Hurts | Instead |
|---|---|---|
| Disabling auto-compact without discipline | "Prompt is too long" kills the session permanently | Keep auto at 70% as safety net, manual compact at phase boundaries |
| Compacting without saving findings | Lose all discovered intel permanently | Always run pre-compact checklist, verify Neo4j has your data |
| Compacting mid-exploit | Payload bytes get mangled in summary | Finish the attempt first, even if it fails |
| Never compacting (riding auto-compact) | Auto fires mid-task, loses more than strategic compact would | Compact at phase boundaries proactively |
| Compacting with no summary message | Next phase has zero starting context | Write a specific summary of state + next steps |
| Saving payloads only in conversation | Markdown summarization strips special chars | Save to /workspace/ files before compact |
| Huge CLAUDE.md + many MCP servers | Eats 30%+ of context before you type anything | Keep CLAUDE.md under 200 lines, audit /mcp costs |