AaaS Configuration

Configuration Parameters

| Parameter | Options | Description |
|---|---|---|
| Model | Claude Opus, Claude Sonnet, GPT-4o, GPT-4o-mini, Llama, Deepseek, Gemini Ultra, Gemini Pro, Gemini Flash | AI model powering the agent |
| Target Type | Smart Contract (Solidity, Rust, Move), Web App (API, Backend, Frontend), Infrastructure | What kind of codebase to scan |
| Scan Depth | Shallow, Deep, Exhaustive | How thoroughly to analyze |
| Focus Areas (Web3) | Token transfers, Oracle logic, Access control, Reentrancy, Flash loans | Narrow the search space |
| Focus Areas (Web2) | Auth/AuthZ, SQL injection, SSRF, IDOR, API abuse, XSS, RCE | Narrow the search space |
| Budget | $10 — $10,000 | Compute spending cap |
| Severity | Critical only, High+, Medium+, All | Minimum severity to report |
| Custom Strategy | Free-text | User's own attack thesis (see Custom Strategy Editor) |

Model Selection Guide

| Model | Tier | Strengths | Cost | Best For |
|---|---|---|---|---|
| Claude Opus | Tier 1 (Premium) | Highest reasoning, complex multi-step analysis | $$$ | High-value targets, complex logic bugs |
| GPT-4o | Tier 1 (Premium) | Strong code understanding, broad knowledge | $$$ | Multi-language codebases, general scanning |
| Gemini Ultra | Tier 1 (Premium) | Large context window, good at architecture-level issues | $$$ | Large codebases, system design flaws |
| Claude Sonnet | Tier 2 (Standard) | Good balance of speed and accuracy | $$ | Most general scanning |
| GPT-4o-mini | Tier 2 (Standard) | Fast, cost-effective | $$ | Moderate complexity targets |
| Gemini Pro | Tier 2 (Standard) | Solid reasoning, good value | $$ | Standard Web3 scanning |
| Claude Haiku | Tier 3 (Budget) | Very fast, very cheap | $ | Broad surface scanning, triage |
| Gemini Flash | Tier 3 (Budget) | Fastest response time | $ | Quick reconnaissance |
| Llama | Tier 3 (Budget) | Open source, customizable | $ | Volume scanning, budget pools |
| Deepseek | Tier 3 (Budget) | Strong code reasoning for price | $ | Code analysis on a budget |

Target Type Details

Smart Contracts

  • Solidity: Ethereum, Base, Arbitrum, Polygon
  • Rust/Anchor: Solana programs
  • Move: Sui, Aptos

Web Applications

  • API: REST/GraphQL endpoint security
  • Backend: Server-side logic, business logic flaws
  • Frontend: Client-side vulnerabilities, DOM manipulation

Infrastructure

  • Cloud misconfigurations
  • Dependency/supply chain vulnerabilities
  • Network-level issues

Prowl Protocol — Decentralized AI-Powered Bug Bounty Platform