agent-security-scanner-mcp 3.0.0 → 3.2.0

package/rules/generic/secrets/gitleaks/planetscale-oauth-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: planetscale-oauth-token
+  message: A gitleaks planetscale-oauth-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)\b(pscale_oauth_(?i)[a-z0-9=\-_\.]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)

package/rules/generic/secrets/gitleaks/planetscale-password.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: planetscale-password
+  message: A gitleaks planetscale-password was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)\b(pscale_pw_(?i)[a-z0-9=\-_\.]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)

package/rules/generic/secrets/gitleaks/postman-api-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: postman-api-token
+  message: A gitleaks postman-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)\b(PMAK-(?i)[a-f0-9]{24}\-[a-f0-9]{34})(?:['|\"|\n|\r|\s|\x60|;]|$)

package/rules/generic/secrets/gitleaks/prefect-api-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: prefect-api-token
+  message: A gitleaks prefect-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)\b(pnu_[a-z0-9]{36})(?:['|\"|\n|\r|\s|\x60|;]|$)

package/rules/generic/secrets/gitleaks/private-key.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: private-key
+  message: A gitleaks private-key was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)-----BEGIN[ A-Z0-9_-]{0,100}PRIVATE KEY( BLOCK)?-----[\s\S-]*KEY( BLOCK)?----

package/rules/generic/secrets/gitleaks/pulumi-api-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: pulumi-api-token
+  message: A gitleaks pulumi-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)\b(pul-[a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)

package/rules/generic/secrets/gitleaks/pypi-upload-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: pypi-upload-token
+  message: A gitleaks pypi-upload-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: pypi-AgEIcHlwaS5vcmc[A-Za-z0-9\-_]{50,1000}

package/rules/generic/secrets/gitleaks/rapidapi-access-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: rapidapi-access-token
+  message: A gitleaks rapidapi-access-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)(?:rapidapi)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{50})(?:['|\"|\n|\r|\s|\x60|;]|$)

package/rules/generic/secrets/gitleaks/readme-api-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: readme-api-token
+  message: A gitleaks readme-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)\b(rdme_[a-z0-9]{70})(?:['|\"|\n|\r|\s|\x60|;]|$)

package/rules/generic/secrets/gitleaks/rubygems-api-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: rubygems-api-token
+  message: A gitleaks rubygems-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)\b(rubygems_[a-f0-9]{48})(?:['|\"|\n|\r|\s|\x60|;]|$)

package/rules/generic/secrets/gitleaks/scalingo-api-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: scalingo-api-token
+  message: A gitleaks scalingo-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: \b(tk-us-[a-zA-Z0-9-_]{48})(?:['|\"|\n|\r|\s|\x60|;]|$)

package/rules/generic/secrets/gitleaks/sendbird-access-id.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: sendbird-access-id
+  message: A gitleaks sendbird-access-id was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)(?:sendbird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)

package/rules/generic/secrets/gitleaks/sendbird-access-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: sendbird-access-token
+  message: A gitleaks sendbird-access-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)(?:sendbird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)

package/rules/generic/secrets/gitleaks/sendgrid-api-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: sendgrid-api-token
+  message: A gitleaks sendgrid-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)\b(SG\.(?i)[a-z0-9=_\-\.]{66})(?:['|\"|\n|\r|\s|\x60|;]|$)

package/rules/generic/secrets/gitleaks/sendinblue-api-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: sendinblue-api-token
+  message: A gitleaks sendinblue-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)\b(xkeysib-[a-f0-9]{64}\-(?i)[a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)

package/rules/generic/secrets/gitleaks/sentry-access-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: sentry-access-token
+  message: A gitleaks sentry-access-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)(?:sentry)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)

package/rules/generic/secrets/gitleaks/shippo-api-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: shippo-api-token
+  message: A gitleaks shippo-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)\b(shippo_(live|test)_[a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)

package/rules/generic/secrets/gitleaks/shopify-access-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: shopify-access-token
+  message: A gitleaks shopify-access-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: shpat_[a-fA-F0-9]{32}

package/rules/generic/secrets/gitleaks/shopify-custom-access-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: shopify-custom-access-token
+  message: A gitleaks shopify-custom-access-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: shpca_[a-fA-F0-9]{32}

package/rules/generic/secrets/gitleaks/shopify-private-app-access-token.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: shopify-private-app-access-token
+  message: A gitleaks shopify-private-app-access-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: shppa_[a-fA-F0-9]{32}

package/rules/generic/secrets/gitleaks/shopify-shared-secret.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: shopify-shared-secret
+  message: A gitleaks shopify-shared-secret was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: shpss_[a-fA-F0-9]{32}

package/rules/generic/secrets/gitleaks/sidekiq-secret.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: sidekiq-secret
+  message: A gitleaks sidekiq-secret was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)(?:BUNDLE_ENTERPRISE__CONTRIBSYS__COM|BUNDLE_GEMS__CONTRIBSYS__COM)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{8}:[a-f0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)

package/rules/generic/secrets/gitleaks/sidekiq-sensitive-url.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: sidekiq-sensitive-url
+  message: A gitleaks sidekiq-sensitive-url was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
+  languages:
+    - regex
+  severity: INFO
+  metadata:
+      likelihood: LOW
+      impact: MEDIUM
+      confidence: LOW
+      category: security
+      cwe:
+        - "CWE-798: Use of Hard-coded Credentials"
+      cwe2021-top25: true
+      cwe2022-top25: true
+      owasp:
+        - A07:2021 - Identification and Authentication Failures
+        - A07:2025 - Authentication Failures
+      references:
+        - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
+      source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
+      subcategory:
+        - vuln
+      technology:
+        - gitleaks
+  patterns:
+    - pattern-regex: (?i)\b(http(?:s??):\/\/)([a-f0-9]{8}:[a-f0-9]{8})@(?:gems.contribsys.com|enterprise.contribsys.com)(?:[\/|\#|\?|:]|$)