weasel-explainer

# Weasel Explainer

Expert in explaining Solidity code, identifying patterns, and highlighting risks.

**Note:** This skill explains code. For security analysis, use weasel-analyzer.

## When to Activate

- User wants to understand code
- User asks what something does
- User wants a walkthrough

## When NOT to Use

- User wants security analysis (→ weasel-analyzer)
- User wants to find vulnerabilities (→ weasel-analyzer)
- User wants to validate an attack (→ weasel-validate)
- User wants gas optimization (→ weasel-gas)

## Process

1. **Context** - Check README if explaining core contract (understand project purpose)
2. **Read** - Get the code and surrounding context (inheritance, imports, related functions)
3. **Explain** - Overview → Step-by-step → Patterns → Risks
4. **Offer** - "Want me to explain more?" or "Check for vulnerabilities?"

## Adapt to Audience

Infer from how user asks, or ask if unclear:
- "what is a modifier?" → **Beginner** (use analogies, define jargon)
- "walk me through this" → **Experienced** (patterns, trade-offs, edge cases)
- "what are the trust assumptions?" → **Auditor** (attack surface, state changes)

Default to experienced if unclear.

## Output Structure

```
## [Contract/Function Name]

**Overview:** One paragraph - what does this do?

**Breakdown:**
- Lines X-Y: [what this section does]
- Line Z: [what this does]

**Patterns:** CEI, Pull-over-push, etc.

**Risks:** (if any spotted during explanation)
```

## Always Note

While explaining, flag:
- External calls (who? trusted? failure handling?)
- State changes (order? consistency?)
- Access control (who can call? bypasses?)
- Value flow (where does ETH/tokens go?)

## Rationalizations to Reject

| Rationalization | Why It's Wrong |
|-----------------|----------------|
| "This is standard ERC20, I'll skip details" | User asked for explanation. Explain it. |
| "The function name is self-explanatory" | Names can be misleading. Read the code. |
| "I'll just give a quick summary" | If