Full Report
Compaction cut input tokens 86% across long-running agent evals with no quality loss. Context discipline matters as much as model selection.
Analysis Summary
# Research: Context Engineering | Compaction & Agent Memory for Automated Malware Analysis
## Metadata
- **Authors:** Gabriel Bernadett-Shapiro
- **Institution:** SentinelLABS (SentinelOne)
- **Publication:** SentinelOne Labs Blog
- **Date:** July 2, 2026
## Abstract
This research evaluates the efficacy of "compaction"—a context-management technique that compresses prior conversational history into a dense working state—within the demanding domain of automated malware analysis. Using OpenAI’s native Responses API, SentinelLABS tested whether reducing context overhead impacts the quality of complex security reasoning. The study demonstrates that compaction can reduce input token usage by 86% without degrading the accuracy of binary analysis tasks.
## Research Objective
The research addresses the "context accumulation" problem in agentic systems: as long-running tasks progress, context grows faster than relevance, leading to increased costs and degraded task quality. The central question is whether LLM agents can maintain high-fidelity reasoning in iterative malware analysis while significantly reducing their "back-history" token footprint.
## Methodology
### Approach
The researchers utilized an automated malware analysis evaluation harness. The process mirrored human analyst behavior by separating **working memory** (handled by compaction) from **durable memory** (external storage).
- **Compaction:** Summarized tool calls, prior hypotheses, and goals.
- **Durable Storage:** Held exact artifacts (logs, decompiled code, strings).
- **Evaluation:** Performance was measured against a "golden reference" of human-authored reports.
### Dataset/Environment
A binary exploration environment where the agent had access to:
- A decompiler.
- Tools for identifying functions, interpreting APIs, and mapping data structures.
- Complex malware samples requiring iterative reasoning and hypothesis revision.
### Tools & Technologies
- OpenAI Responses API (native compaction implementation).
- SentinelLABS Evaluation Harness.
- ReAct-style agent architecture.
## Key Findings
### Primary Results
1. **Token Efficiency:** Compaction reduced input tokens by approximately **86%** across long-running agent evaluations.
2. **Quality Retention:** There was **no measurable change** in the aggregate evaluation score or task quality despite the massive reduction in context.
3. **Architectural Separation:** Success relied on treating compaction as a tool for "state management" rather than "fact storage."
### Supporting Evidence
- Comparative scoring against reference analysis showed that the agent maintained a consistent "working theory" of the binary even when raw logs were compacted.
- Empirical data shows that without compaction, token costs climbed exponentially as the agent explored deeper call trees.
### Novel Contributions
- **Context Discipline:** The research highlights that "Context Discipline" is as critical as model selection in agent engineering.
- **Hybrid Memory Model:** A formalization of splitting LLM context (for goals/hypotheses) from external RAG/storage (for ground-truth artifacts) to optimize costs.
## Technical Details
Compaction functions as a built-in summarization mechanism within the model runtime. In this study, instead of the agent "dragging" the entire history of every decompiler output, the Responses API flattens these into a "state summary." This summary includes:
- Active hypotheses (e.g., "This function appears to be a command dispatcher").
- Dead-end paths (to prevent circular reasoning).
- Open questions for next steps.
## Practical Implications
### For Security Practitioners
- **Cost Reduction:** Automated analysis of complex samples becomes significantly cheaper, enabling broader deployment of AI agents for triage.
- **Reduced Noise:** Agents are less likely to become "confused" by irrelevant strings or logs from early in the session.
### For Defenders
- **Scaling Analysis:** Security teams can run autonomous "initial triage" agents on a larger volume of suspicious samples without hitting token limits or budget constraints.
### For Researchers
- **Evaluation Standards:** The study suggests that compaction should be a standard component in evaluating "long-horizon" agents.
- **State Partitioning:** Research should focus on what specific information *must* remain raw versus what can be compacted.
## Limitations
- **Lossy Compression:** If the compaction mechanism flattens a detail that later becomes crucial (and is not in durable storage), the agent may fail.
- **Framework Dependency:** The results were specifically measured using OpenAI’s 2026 native implementation; results may vary with custom-built compaction loops in other frameworks.
## Comparison to Prior Work
Unlike traditional ReAct agents that keep the entire "Thought/Action/Observation" chain in the prompt, this work builds on the "Context Engineering" concepts proposed by Jason Liu and OpenAI’s Codex, applying them specifically to the low-signal, high-noise environment of binary reverse engineering.
## Real-world Applications
- **Automated SIEM Triage:** Reducing history in long threads of investigative alerts.
- **Continuous Reverse Engineering:** Maintaining state over days of analysis on a single large-scale malware campaign.
## Future Work
- Exploring how "Context Discipline" affects different model architectures (e.g., Anthropic vs. Google).
- Refining the boundary between what is stored in "durable" vs. "compacted" memory.
## References
- OpenAI: Responses API + Codex
- Anthropic: Long-Running Agent Harnesses
- LangChain: Context Engineering
- J. Liu: Compaction As Something To Evaluate (2025)
- Context Compression For Long-Horizon Agents (arXiv:2601.07190)