Does it use mock contracts for the exploit?

No. To ensure accuracy, the skill is programmed to use the actual project contracts and deployment logic rather than simulations or mocks.

Does Weasel PoC work with both Hardhat and Foundry?

Yes, it automatically detects your project's framework by looking for configuration files like foundry.toml or hardhat.config.js and adapts its output accordingly.

Can I use this for bug bounty reports?

Absolutely. It is designed to create clean, assertion-based PoCs that are ideal for proving impact in professional security disclosures and audit reports.

How does it prove the vulnerability exists?

It uses functional assertions (like assertGt or expectRevert) to prove the exploit's success, ensuring the test fails if the vulnerability is not present.

Weasel Solidity PoC Writer

Name: Weasel Solidity PoC Writer
Author: slvDev

byslvDev

•

安全与测试

Generates precise, assertion-based proof-of-concept exploits for Solidity smart contract vulnerabilities within existing test suites.

关于

Weasel PoC Writer transforms identified Solidity vulnerabilities into executable exploits using project-native testing frameworks like Foundry and Hardhat. It streamlines the security auditing process by automatically setting up attacker scenarios, executing exploit logic, and using rigorous assertions to prove impact—all while maintaining a clean, production-standard codebase free of noisy console output. This skill ensures that security findings are demonstrably reproducible and ready for professional bug reports or internal remediation.

主要功能

10 GitHub stars
Strict assertion-driven verification to prove vulnerability impact
Clean code enforcement with zero-tolerance for noisy console logging
Deep integration with Foundry (forge) and Hardhat test environments
Automated exploit generation for common Solidity vulnerabilities
Automatic detection and utilization of existing project deployment fixtures

使用场景

Building regression tests to verify that security patches effectively block exploits
Creating reproducible bug reports for professional bug bounty submissions
Validating suspected reentrancy or logic flaws in smart contracts

关于

主要功能

10 GitHub stars
Strict assertion-driven verification to prove vulnerability impact
Clean code enforcement with zero-tolerance for noisy console logging
Deep integration with Foundry (forge) and Hardhat test environments
Automated exploit generation for common Solidity vulnerabilities
Automatic detection and utilization of existing project deployment fixtures

使用场景

Building regression tests to verify that security patches effectively block exploits
Creating reproducible bug reports for professional bug bounty submissions
Validating suspected reentrancy or logic flaws in smart contracts