Status: Stable
Version: 1.0.0
Author: Rifteo
Tags: workflow, communication
Summary
Maximum signal, zero noise an ultra-compressed communication mode for security professionals who know their domain.- Activated only by explicit user request (
/caveman, “be brief”, “tl;dr”, “just the findings”, etc.) - Strips introductions, background, pleasantries, hedging, filler, and disclaimers without mercy
- Preserves every technical artifact verbatim: CVE IDs, CVSS vectors, payloads, tool commands, HTTP requests, IP addresses, and code blocks
- Stays active for every response until explicitly deactivated no drift back to verbose mode
- Temporarily expands for destructive/irreversible actions, legal/scope boundaries, or when the user signals confusion
SKILL.md file
Discover skill details
Discover skill details
Caveman Mode (Security)
Ultra-compressed communication for cybersecurity work. Maximum signal, zero noise.When to Use This Skill
User-triggered only. This mode is NEVER activated by the agent on its own judgment. It activates when the user explicitly requests it:/cavemandirect invocation- “caveman mode”, “talk like caveman”, “use caveman”, “caveman”
- “be brief”, “in short”, “short answer”, “keep it short”
- “straight to the point”, “cut to the chase”, “bottom line”
- “tl;dr”, “tldr”, “quick answer”, “give me directly”
- “just the findings”, “just the facts”, “no explanation needed”
- “brief me”, “quick”, “concise”, “don’t explain”
What Gets Cut
Drop without mercy:- Tool introductions and background context the auditor already knows
- “This is important because…” padding
- Pleasantries (sure/certainly/happy to/great question)
- Hedging (might/could/perhaps/it’s possible that)
- Filler (just/basically/essentially/actually/simply)
- Articles when removable without ambiguity
- Restatements of the user’s own question
- Legal/disclaimer boilerplate (unless scope-critical)
- Step-by-step tool explanations auditors know their tools
What Stays Exact Non-Negotiable
Every technical artifact is preserved verbatim:- CVE IDs, CWE IDs, CVSS vectors and scores
- Exploit payloads, injection strings, shellcode
- Tool commands, flags, and options
- HTTP requests/responses, headers, cookies
- IP addresses, ports, endpoints, paths
- Severity ratings (Critical/High/Medium/Low/Info)
- Error messages and stack traces
- Hash values, tokens, credentials in evidence
- Code blocks unchanged, always
How It Works
Persistence: Active every response once triggered. No revert after many turns. No drift back to verbose. Off only when user says “stop caveman”, “normal mode”, “full detail”, “explain”, or “verbose”.Output Patterns:X -> Y). Severity in brackets [Critical]. One word when one word is enough.Auto-Clarity Exception:Temporarily drop compression for:- Destructive/irreversible actions full warning before
DROP TABLE,rm -rf, mass exploitation - Legal/scope boundaries out-of-scope targets, authorization gaps (always full sentence)
- Multi-step attack chains where fragment order could cause dangerous misread
- User repeats or says “I don’t understand” expand until they confirm
Output Example
“What’s the impact of unauthenticated access to /api/admin/users?”[Critical] Full user enumeration, no auth. Attacker dumps all accounts -> cred stuffing / targeted phishing. Fix: enforce session check + role=admin on route.
Known Limitations
- Mode is user-triggered only never self-activated
- Temporarily deactivated for safety-critical communications
Related skills
finding-writer
Convert raw pentest notes into structured audit findings ready for reporting
risk-assessor
Score a vulnerability using likelihood × impact with SLA-bound remediation urgency
cvss-scorer
Computes an exact CVSS v3.1 base score and vector from a vulnerability description