How does Weasel avoid reporting intentional design choices as bugs?

The skill explicitly checks README.md, known-issues.md, and internal documentation to identify trust assumptions and documented limitations before providing a verdict.

What kind of verdict does the validation provide?

Each validation concludes with a verdict of CONFIRMED, PARTIAL, NOT EXPLOITABLE, KNOWN ISSUE, or BY DESIGN, accompanied by a detailed reasoning and code evidence.

Does this skill only work for Solidity smart contracts?

Yes, Weasel is specifically designed as a static analyzer and validator for Solidity codebases.

What types of vulnerabilities can it validate?

It is optimized to validate common and complex vectors including reentrancy, access control flaws, flash loan price manipulation, and front-running risks.

Can this skill generate a Proof of Concept (PoC) for a bug?

Once an attack is confirmed via weasel-validate, it can trigger the weasel-poc skill to help you draft a functional proof of exploit.

Weasel Smart Contract Attack Validator

Name: Weasel Smart Contract Attack Validator
Author: slvDev

byslvDev

•

Security & Testing

Validates user-proposed security vulnerabilities and attack vectors in Solidity smart contracts through rigorous trace analysis.

This specialized skill empowers security researchers and smart contract developers to rigorously test their vulnerability hypotheses. By integrating with the Weasel static analyzer, it moves beyond simple code scanning to perform deep logical validation of potential exploits like reentrancy, access control bypasses, and flash loan attacks. The skill intelligently cross-references project documentation, READMEs, and known issue logs to ensure findings are actionable and non-redundant, providing a clear verdict on exploitability supported by step-by-step logic traces.

Key Features

01Analyzes complex patterns including reentrancy, access control, and MEV risks

02Verifies environmental preconditions and state requirements for exploitability

0310 GitHub stars

04Step-by-step attack path tracing and logical verification

05Provides standardized verdicts with evidence-backed code references

06Cross-references READMEs and known-issue logs to eliminate false positives

Use Cases

01Confirming if a suspected reentrancy point is actually exploitable given existing guards

02Performing deep-dive analysis on access control bypasses during a protocol security audit

03Validating whether a potential vulnerability is an intentional design choice or a known issue

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add slvdev/weasel weasel-validate

For use in Claude.ai and ChatGPT

Download Skill