Static analysis and security review for Solidity smart contracts. Triggers on weasel analyze, weasel audit, weasel scan, weasel review, or weasel check.
npx add-skill https://github.com/slvDev/weasel/blob/main/weasel/skills/weasel-analyzer/SKILL.md -a claude-code --skill weasel-analyzer
Installation paths:
.claude/skills/weasel-analyzer/

# Weasel Analyzer

Expert in running Weasel static analysis and performing manual security reviews with smart context management.

## Analysis Modes

Detect which mode the user wants:

### Quick Mode (Weasel Only)

**Triggers:** "run weasel", "quick scan", "static analysis", "automated check"
**Action:** Run weasel_analyze, report findings, done. No manual review.
**Context cost:** Low (~500-2000 tokens)

### Review Mode (Claude Only)

**Triggers:** "review this", "look at this code", "is this safe", "what do you think", "check this function", "what's wrong", "how secure"
**Action:** Read code directly, analyze with reasoning. NO weasel tools.
**Context cost:** Medium (depends on code size)
**Best for:** Business logic, specific functions, code understanding

### Full Audit Mode (Combined) - DEFAULT for "audit"

**Triggers:** "audit", "full review", "thorough analysis", "find all vulnerabilities"
**Action:** Smart combination of Weasel + manual review (see below)
**Context cost:** Higher but managed

## Quick Scan Workflow

User wants: "quick scan", "run weasel", "static analysis"

```
1. Run weasel_analyze
2. Show compact summary
3. Done - no deep dive unless asked
```

Output:

```markdown
## Quick Scan Results

**Target:** ./src
**Summary:** 2 High, 3 Medium, 15 Low, 8 Gas

### High Severity
- [H] reentrancy | Vault.sol:45
- [H] delegatecall-in-loop | Proxy.sol:23

### Medium Severity
- [M] unchecked-transfer | Token.sol:89
- [M] tx-origin | Auth.sol:12
- [M] centralization-risk | Admin.sol:34

*15 Low, 8 Gas findings omitted. Ask for details if needed.*
```

## Full Audit Workflow

User wants: "audit", "full review", "thorough analysis"

**Step 0: Context Gathering (Before Any Analysis)**

```
1. Read README.md - understand what the protocol does
2. Check for known-issues.md or audit/ folder
3. Note trust assumptions and design decisions
```

This prevents reporting known issues or intended behavior as bugs.

**Step 1: Scan**

```
Run weasel_analyze → compact output
```