memory-gc
The memory-gc command inspects and manages append-only JSONL log files (audit.jsonl, patterns.jsonl, journal.jsonl) in the hunt-memory directory to prevent unbounded growth. Use it to report current file sizes, rotate files exceeding a configurable size cap (default 10 MB) while keeping numbered backups, or purge old rotated backups. Useful during active bug-hunting sessions where logs accumulate rapidly over months.
mkdir -p ~/.claude/commands && curl -fsSL https://raw.githubusercontent.com/elementalsouls/Claude-BugHunter/HEAD/commands/memory-gc.md -o ~/.claude/commands/memory-gc.mdmemory-gc.md
# /memory-gc
Garbage-collect the hunt-memory directory. Reports current sizes, rotates oversized files past a configurable cap, or purges old backups.
## Why This Exists
Append-only logs grow without bound. On active hunters:
- `audit.jsonl` can reach 100 MB+ in months (every outbound request)
- `patterns.jsonl` and `journal.jsonl` accumulate forever
This command surfaces that growth and gives you a one-shot fix.
## Usage
```
/memory-gc # report only
/memory-gc --rotate # rotate files above 10 MB (default cap)
/memory-gc --rotate --max-mb 5 # custom cap
/memory-gc --purge-backups # delete all .1/.2/.3 backups
/memory-gc --dir <path> # scan a non-default hunt-memory dir
```
## What It Does
1. Walks the hunt-memory directory recursively.
2. Finds `audit.jsonl`, `patterns.jsonl`, and `journal.jsonl` files at any depth.
3. Prints a per-file table: live size, total (live + backups), backup count, status.
4. With `--rotate`: renames oversize files to `<file>.1`, shifting older backups up to `<file>.{keep}`. The oldest is dropped.
5. With `--purge-backups`: removes every `.1`/`.2`/`.3` backup, keeping only live files.
## Implementation
The agent shells out to:
```bash
python -m tools.memory_gc [args]
```
from the repo root.
## Defaults
- **Rotation cap:** 10 MB per file
- **Backups kept:** 3 (so `<file>.1` newest → `<file>.3` oldest)
- **Scope:** `hunt-memory/` and any nested target dirs
Auto-rotation fires automatically in two places:
1. **On every write** — inside `AuditLog.log()` and `PatternDB.save()` when the next append would exceed the cap.
2. **On session end** — a `Stop` hook in `.claude/settings.json` runs `python3 -m tools.memory_gc --rotate` so long sessions that wrote a lot but never crossed the cap mid-session still get cleaned up.
So this slash command is mainly for ad-hoc reporting (`/memory-gc` with no args) and manual cleanup of accumulated backups (`/memory-gc --purge-backups`).Run autonomous hunt loop on a target — scope check → recon → rank surface → hunt → validate → report with configurable checkpoints. Usage: /autopilot target.com [--paranoid|--normal|--yolo]
Build an exploit chain — given bug A, finds B and C to combine for higher severity and payout. Knows common chain patterns: IDOR→ATO, SSRF→cloud metadata, XSS→ATO, open redirect→OAuth theft, S3→bundle→secret→OAuth. Usage: /chain
Active vulnerability hunting. Two-track dispatcher — asks Red Team vs WAPT, hands off to hunt-dispatch skill and sibling commands. Usage: /hunt target.com | /hunt *.target.com | /hunt targets.txt [--vuln-class X] [--source-code P] [--chrome]
On-demand intelligence fetch for a target — CVEs, disclosed reports, new features. Wraps learn.py + hunt memory context. Usage: /intel target.com
Pick up a previous hunt on a target — shows hunt history, untested endpoints, and memory-informed suggestions. Usage: /pickup target.com
Run full recon pipeline on a target — subdomain enum (Chaos API + subfinder), live host discovery (dnsx + httpx), URL crawl (katana + waybackurls + gau), gf pattern classification, nuclei scan. Outputs to recon/<target>/ directory. Usage: /recon target.com
Log current finding or successful pattern to hunt memory. Auto-fills from /validate output if available. Usage: /remember
Write a submission-ready bug bounty report. Generates H1/Bugcrowd/Intigriti/Immunefi format with CVSS 3.1 score, proof of concept, impact statement, and remediation. Run /validate first. Usage: /report