npm - mcp-server-semgrep - Versions diffs - 1.0.0 - Mend

mcp-server-semgrep 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4012) hide show

package/semgrep-rules/generic/secrets/security/detected-private-key.yaml ADDED Viewed

@@ -0,0 +1,38 @@
+rules:
+- id: detected-private-key
+  patterns:
+  - pattern-either:
+    - patterns:
+      - pattern: '-----BEGIN $TYPE PRIVATE KEY----- $KEY'
+      - metavariable-regex:
+          metavariable: $TYPE
+          regex: (?i)([dr]sa|ec|openssh|encrypted)?
+    - patterns:
+      - pattern: |
+          -----BEGIN PRIVATE KEY-----
+          $KEY
+  - metavariable-analysis:
+      metavariable: $KEY
+      analyzer: entropy
+  languages: [generic]
+  message: Private Key detected. This is a sensitive credential and should not be hardcoded here. Instead,
+    store this in a separate, private file.
+  severity: ERROR
+  metadata:
+    cwe:
+    - 'CWE-798: Use of Hard-coded Credentials'
+    source-rule-url: https://github.com/grab/secret-scanner/blob/master/scanner/signatures/pattern.go
+    category: security
+    technology:
+    - secrets
+    confidence: LOW
+    owasp:
+    - A07:2021 - Identification and Authentication Failures
+    references:
+    - https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures
+    cwe2022-top25: true
+    cwe2021-top25: true
+    subcategory:
+    - audit
+    likelihood: LOW
+    impact: MEDIUM

package/semgrep-rules/generic/secrets/security/detected-sauce-token.txt ADDED Viewed

@@ -0,0 +1,14 @@
+# ruleid: detected-sauce-token
+SAUCE_ACCESS_KEY=034e1d2a-681a-4a52-bfa3-256b72c356c0
+# ruleid: detected-sauce-token
+sauce_access_key:034E1D2A-681A-4A52-BFA3-256B72C356C0
+# yarn.lock snippet:
+saucelabs@^1.5.0:
+  version "1.5.0"
+# ok: detected-sauce-token
+  resolved "https://registry.yarnpkg.com/saucelabs/-/saucelabs-1.5.0.tgz#9405a73c360d449b232839919a86c396d379fd9d"
+  integrity sha512-jlX3FGdWvYf4Q3LFfFWS1QvPg3IGCGWxIc8QBFdPTbpTJnt/v17FHXYVAn7C8sHf1yUXo2c7yIM0isDryfYtHQ==
+  dependencies:
+    https-proxy-agent "^2.2.1"

package/semgrep-rules/generic/secrets/security/detected-sauce-token.yaml ADDED Viewed

@@ -0,0 +1,26 @@
+rules:
+- id: detected-sauce-token
+  pattern-regex: |-
+    (?i)sauce.{0,50}(\\\"|'|`)?[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[0-9a-f]{4}-[0-9a-f]{12}(\\\"|'|`)?
+  languages: [regex]
+  message: Sauce Token detected
+  severity: ERROR
+  metadata:
+    cwe:
+    - 'CWE-798: Use of Hard-coded Credentials'
+    source-rule-url: https://github.com/grab/secret-scanner/blob/master/scanner/signatures/pattern.go
+    category: security
+    technology:
+    - secrets
+    - sauce
+    confidence: LOW
+    owasp:
+    - A07:2021 - Identification and Authentication Failures
+    references:
+    - https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures
+    cwe2022-top25: true
+    cwe2021-top25: true
+    subcategory:
+    - audit
+    likelihood: LOW
+    impact: MEDIUM

package/semgrep-rules/generic/secrets/security/detected-sendgrid-api-key.txt ADDED Viewed

@@ -0,0 +1,20 @@
+# ruleid: detected-sendgrid-api-key
+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
+# ok: detected-sendgrid-api-key
+PE.ngeVfQFYQlKU0ufo8x5d1A.TwL2iGABf9DHoTf-09kqeF8tAmbihYzrnopKc-1s5cr
+# ok: detected-sendgrid-api-key
+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
+# ok: detected-sendgrid-api-key
+SG.ngeVfQFYQlKU0ufo8x5d1A.TwL2iGABf9DHoTf-09kqeF8tAmbihYzrnopKc-1s5c
+# ok: detected-sendgrid-api-key
+SG.ngeVfQFYQlKU0ufo8x5d1A.TwL2iGABf9DHoTf-09kqeF8tAmbihYzrnopKc-1s5crt
+# ok: detected-sendgrid-api-key
+SG.ngeVfQFYQlKU0ufo8x5d1.TwL2iGABf9DHoTf-09kqeF8tAmbihYzrnopKc-1s5cr
+# ok: detected-sendgrid-api-key
+SGngeVfQFYQlKU0ufo8x5d1ATwL2iGABf9DHoTf09kqeF8tAmbihYzrnopKc1s5cr

package/semgrep-rules/generic/secrets/security/detected-sendgrid-api-key.yaml ADDED Viewed

@@ -0,0 +1,26 @@
+rules:
+- id: detected-sendgrid-api-key
+  pattern-regex: |-
+    SG\.[a-zA-Z0-9]{22}\.[a-zA-Z0-9-]{43}\b
+  languages: [regex]
+  message: SendGrid API Key detected
+  severity: ERROR
+  metadata:
+    cwe:
+    - 'CWE-798: Use of Hard-coded Credentials'
+    source-rule-url: https://github.com/narendrakadali/gitrob/blob/master/rules/contentsignatures.json
+    category: security
+    technology:
+    - secrets
+    - sendgrid
+    confidence: LOW
+    owasp:
+    - A07:2021 - Identification and Authentication Failures
+    references:
+    - https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures
+    cwe2022-top25: true
+    cwe2021-top25: true
+    subcategory:
+    - audit
+    likelihood: LOW
+    impact: MEDIUM

package/semgrep-rules/generic/secrets/security/detected-slack-token.txt ADDED Viewed

@@ -0,0 +1,5 @@
+# ruleid: detected-slack-token
+SLACK_TOKEN=xoxb-244636495000-244564491300-Wwpw98abcdabcdefabcdabcz
+# ruleid: detected-slack-token
+SLACK_TOKEN=xoxp-825568119270-820571134562-983439002315-b3358323912928aeeeeeeeeeeeeeeezz

package/semgrep-rules/generic/secrets/security/detected-slack-token.yaml ADDED Viewed

@@ -0,0 +1,27 @@
+rules:
+- id: detected-slack-token
+  pattern-either:
+  - pattern-regex: (xox[pboa]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32})
+  - pattern-regex: xox.-[0-9]{12}-[0-9]{12}-[0-9a-zA-Z]{24}
+  languages: [regex]
+  message: Slack Token detected
+  severity: ERROR
+  metadata:
+    cwe:
+    - 'CWE-798: Use of Hard-coded Credentials'
+    source-rule-url: https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json
+    references:
+    - https://github.com/davidburkitt/python-secret-scanner/blob/335a1f6dab8de59cf39063e57aea39a58951e939/patterns.txt#L58
+    category: security
+    technology:
+    - secrets
+    - slack
+    confidence: LOW
+    owasp:
+    - A07:2021 - Identification and Authentication Failures
+    cwe2022-top25: true
+    cwe2021-top25: true
+    subcategory:
+    - audit
+    likelihood: LOW
+    impact: MEDIUM

package/semgrep-rules/generic/secrets/security/detected-slack-webhook.txt ADDED Viewed

@@ -0,0 +1,8 @@
+# ruleid: detected-slack-webhook
+https://hooks.slack.com/services/T12345678/B12345678/abcd1234efgh5678ijkl90zy
+# ruleid: detected-slack-webhook
+https://hooks.slack.com/services/T12345678/B1234567890/abcd1234efgh5678ijkl90zy
+# ok: detected-slack-webhook
+https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX

package/semgrep-rules/generic/secrets/security/detected-slack-webhook.yaml ADDED Viewed

@@ -0,0 +1,27 @@
+rules:
+- id: detected-slack-webhook
+  patterns:
+    - pattern-regex: https://hooks\.slack\.com/services/T[a-zA-Z0-9_]{8,10}/B[a-zA-Z0-9_]{8,10}/[a-zA-Z0-9_]{24}
+    - pattern-not: https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX
+  languages: [regex]
+  message: Slack Webhook detected
+  severity: ERROR
+  metadata:
+    references:
+    - https://api.slack.com/messaging/webhooks
+    source-rule-url: https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json
+    category: security
+    technology:
+    - secrets
+    - slack
+    confidence: LOW
+    owasp:
+    - A07:2021 - Identification and Authentication Failures
+    cwe:
+    - 'CWE-798: Use of Hard-coded Credentials'
+    cwe2022-top25: true
+    cwe2021-top25: true
+    subcategory:
+    - audit
+    likelihood: LOW
+    impact: MEDIUM

package/semgrep-rules/generic/secrets/security/detected-snyk-api-key.txt ADDED Viewed

@@ -0,0 +1,17 @@
+# ruleid: detected-snyk-api-key
+snyk_token: 12e45678-12e4-12e4-12e4-12e456789012
+# ruleid: detected-snyk-api-key
+API_SNYK='12e45678-12e4-12e4-12e4-12e456789012'
+# ruleid: detected-snyk-api-key
+snyktoken="12e45678-12e4-12e4-12e4-12e456789012"
+# ruleid: detected-snyk-api-key
+snyktoken=`12e45678-12e4-12e4-12e4-12e456789012`
+# ok: detected-snyk-api-key
+12e4567812e412e412e412e456789012
+# ok: detected-snyk-api-key
+other_token: 12e45678-12e4-12e4-12e4-12e456789012

package/semgrep-rules/generic/secrets/security/detected-snyk-api-key.yaml ADDED Viewed

@@ -0,0 +1,25 @@
+rules:
+- id: detected-snyk-api-key
+  pattern-regex: |-
+    (?i)snyk.{0,50}['|"|`]?[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}['"\s]?
+  languages: [regex]
+  message: Snyk API Key detected
+  severity: ERROR
+  metadata:
+    cwe:
+    - 'CWE-798: Use of Hard-coded Credentials'
+    category: security
+    technology:
+    - secrets
+    - snyk
+    confidence: LOW
+    owasp:
+    - A07:2021 - Identification and Authentication Failures
+    references:
+    - https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures
+    cwe2022-top25: true
+    cwe2021-top25: true
+    subcategory:
+    - audit
+    likelihood: LOW
+    impact: MEDIUM

package/semgrep-rules/generic/secrets/security/detected-softlayer-api-key.txt ADDED Viewed

@@ -0,0 +1,17 @@
+# ruleid: detected-softlayer-api-key
+SOFTLAYER: abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234
+# ruleid: detected-softlayer-api-key
+softlayer="abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234"
+# ruleid: detected-softlayer-api-key
+SoftLayerApiKey = 'abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234'
+# ruleid: detected-softlayer-api-key
+My-SoftLayer-Api-Key= `abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234`
+# ok: detected-softlayer-api-key
+SOFTLAYER: abcd_234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234
+# ok: detected-softlayer-api-key
+SOFTLAYER: abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd123

package/semgrep-rules/generic/secrets/security/detected-softlayer-api-key.yaml ADDED Viewed

@@ -0,0 +1,26 @@
+rules:
+- id: detected-softlayer-api-key
+  pattern-regex: |-
+    (?i)softlayer.{0,50}["|'|`]?[a-z0-9]{64}["|'|`]?
+  languages: [regex]
+  message: SoftLayer API Key detected
+  severity: ERROR
+  metadata:
+    cwe:
+    - 'CWE-798: Use of Hard-coded Credentials'
+    source-rule-url: https://github.com/Yelp/detect-secrets/blob/master/detect_secrets/plugins/softlayer.py
+    category: security
+    technology:
+    - secrets
+    - softlayer
+    confidence: LOW
+    owasp:
+    - A07:2021 - Identification and Authentication Failures
+    references:
+    - https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures
+    cwe2022-top25: true
+    cwe2021-top25: true
+    subcategory:
+    - audit
+    likelihood: LOW
+    impact: MEDIUM

package/semgrep-rules/generic/secrets/security/detected-sonarqube-docs-api-key.txt ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ # ruleid: detected-sonarqube-docs-api-key
2	+ SONARQUBE=5eeee8e4deeee2dbfeeeedbeeeec37b7eeeea7b9

package/semgrep-rules/generic/secrets/security/detected-sonarqube-docs-api-key.yaml ADDED Viewed

@@ -0,0 +1,39 @@
+rules:
+- id: detected-sonarqube-docs-api-key
+  pattern-regex: |-
+    (?i)sonar.{0,50}(\\\"|'|`)?[0-9a-f]{40}(\\\"|'|`)?
+  languages: [regex]
+  message: SonarQube Docs API Key detected
+  severity: ERROR
+  paths:
+    exclude:
+      - "*.svg"
+      - "*go.sum"
+      - "*cargo.lock"
+      - "*package.json"
+      - "*yarn.lock"
+      - "*package-lock.json"
+      - "*bundle.js"
+      - "*pnpm-lock*"
+      - "*Podfile.lock"
+      - "*/openssl/*.h"
+      - "*.xcscmblueprint"
+  metadata:
+    cwe:
+    - 'CWE-798: Use of Hard-coded Credentials'
+    source-rule-url: https://github.com/grab/secret-scanner/blob/master/scanner/signatures/pattern.go
+    category: security
+    technology:
+    - secrets
+    - sonarqube
+    confidence: LOW
+    owasp:
+    - A07:2021 - Identification and Authentication Failures
+    references:
+    - https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures
+    cwe2022-top25: true
+    cwe2021-top25: true
+    subcategory:
+    - audit
+    likelihood: LOW
+    impact: MEDIUM

package/semgrep-rules/generic/secrets/security/detected-square-access-token.txt ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ # ruleid: detected-square-access-token
2	+ sq0atp-KoblahBLAHBLAHbEHA6yuw

package/semgrep-rules/generic/secrets/security/detected-square-access-token.yaml ADDED Viewed

@@ -0,0 +1,25 @@
+rules:
+- id: detected-square-access-token
+  pattern-regex: sq0atp-[0-9A-Za-z\-_]{22}
+  languages: [regex]
+  message: Square Access Token detected
+  severity: ERROR
+  metadata:
+    cwe:
+    - 'CWE-798: Use of Hard-coded Credentials'
+    source-rule-url: https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json
+    category: security
+    technology:
+    - secrets
+    - square
+    confidence: LOW
+    owasp:
+    - A07:2021 - Identification and Authentication Failures
+    references:
+    - https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures
+    cwe2022-top25: true
+    cwe2021-top25: true
+    subcategory:
+    - audit
+    likelihood: LOW
+    impact: MEDIUM

package/semgrep-rules/generic/secrets/security/detected-square-oauth-secret.txt ADDED Viewed

@@ -0,0 +1,5 @@
+# ruleid: detected-square-oauth-secret
+sq0csp-0123456789abcdefghijklmnopqrstuvwxyz-blah_x
+# ruleid: detected-square-oauth-secret
+square_oauth = sq0csp-ABCDEFGHIJK_LMNOPQRSTUVWXYZ-0123456789\abcd

package/semgrep-rules/generic/secrets/security/detected-square-oauth-secret.yaml ADDED Viewed

@@ -0,0 +1,26 @@
+rules:
+- id: detected-square-oauth-secret
+  pattern-regex: |-
+    sq0csp-[0-9A-Za-z\\\-_]{43}
+  languages: [regex]
+  message: Square OAuth Secret detected
+  severity: ERROR
+  metadata:
+    cwe:
+    - 'CWE-798: Use of Hard-coded Credentials'
+    source-rule-url: https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json
+    references:
+    - https://github.com/Yelp/detect-secrets/blob/master/tests/plugins/square_oauth_test.py
+    category: security
+    technology:
+    - secrets
+    - square
+    confidence: LOW
+    owasp:
+    - A07:2021 - Identification and Authentication Failures
+    cwe2022-top25: true
+    cwe2021-top25: true
+    subcategory:
+    - audit
+    likelihood: LOW
+    impact: MEDIUM

package/semgrep-rules/generic/secrets/security/detected-ssh-password.txt ADDED Viewed

@@ -0,0 +1,8 @@
+# ruleid: detected-ssh-password
+sshpass -p 'blah'
+# ok: detected-ssh-password
+cmdInput := fmt.Sprintf("sshpass -p '%s'", password)
+# ok: detected-ssh-password
+cmdInput := fmt.Sprintf("sshpass -p %s", password)

package/semgrep-rules/generic/secrets/security/detected-ssh-password.yaml ADDED Viewed

@@ -0,0 +1,26 @@
+rules:
+- id: detected-ssh-password
+  pattern-regex: |-
+    sshpass -p\s*['|\\\"][^%]
+  languages: [regex]
+  message: SSH Password detected
+  severity: ERROR
+  metadata:
+    cwe:
+    - 'CWE-798: Use of Hard-coded Credentials'
+    source-rule-url: https://github.com/grab/secret-scanner/blob/master/scanner/signatures/pattern.go
+    category: security
+    technology:
+    - secrets
+    - ssh
+    confidence: LOW
+    owasp:
+    - A07:2021 - Identification and Authentication Failures
+    references:
+    - https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures
+    cwe2022-top25: true
+    cwe2021-top25: true
+    subcategory:
+    - audit
+    likelihood: LOW
+    impact: MEDIUM

package/semgrep-rules/generic/secrets/security/detected-stripe-api-key.txt ADDED Viewed

@@ -0,0 +1,5 @@
+# ruleid: detected-stripe-api-key
+sk_live_xf2fh0Hu3LqXlqqUg2DEWhEz
+# ok: detected-stripe-api-key
+sk_live_

package/semgrep-rules/generic/secrets/security/detected-stripe-api-key.yaml ADDED Viewed

@@ -0,0 +1,25 @@
+rules:
+- id: detected-stripe-api-key
+  pattern-regex: sk_live_[0-9a-zA-Z]{24}
+  languages: [regex]
+  message: Stripe API Key detected
+  severity: ERROR
+  metadata:
+    cwe:
+    - 'CWE-798: Use of Hard-coded Credentials'
+    source-rule-url: https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json
+    category: security
+    technology:
+    - secrets
+    - stripe
+    confidence: LOW
+    owasp:
+    - A07:2021 - Identification and Authentication Failures
+    references:
+    - https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures
+    cwe2022-top25: true
+    cwe2021-top25: true
+    subcategory:
+    - audit
+    likelihood: LOW
+    impact: MEDIUM

package/semgrep-rules/generic/secrets/security/detected-stripe-restricted-api-key.txt ADDED Viewed

@@ -0,0 +1,5 @@
+# ruleid: detected-stripe-restricted-api-key
+rk_live_xf2fh0Hu3LqXlqqUg2DEWhEz
+# ok: detected-stripe-restricted-api-key
+rk_live_

package/semgrep-rules/generic/secrets/security/detected-stripe-restricted-api-key.yaml ADDED Viewed

@@ -0,0 +1,25 @@
+rules:
+- id: detected-stripe-restricted-api-key
+  pattern-regex: rk_live_[0-9a-zA-Z]{24}
+  languages: [regex]
+  message: Stripe Restricted API Key detected
+  severity: ERROR
+  metadata:
+    cwe:
+    - 'CWE-798: Use of Hard-coded Credentials'
+    source-rule-url: https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json
+    category: security
+    technology:
+    - secrets
+    - stripe
+    confidence: MEDIUM
+    owasp:
+    - A07:2021 - Identification and Authentication Failures
+    references:
+    - https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures
+    cwe2022-top25: true
+    cwe2021-top25: true
+    subcategory:
+    - audit
+    likelihood: LOW
+    impact: LOW

package/semgrep-rules/generic/secrets/security/detected-telegram-bot-api-key.php ADDED Viewed

@@ -0,0 +1,12 @@
+<?php
+// ruleid: detected-telegram-bot-api-key
+define('BOT_TOKEN', '12345678:AA101703Wd8JLT6GCtKzxatRHQREQUk_CpK');
+define('API_URL', 'https://api.telegram.org/bot'.BOT_TOKEN.'/');
+// ok: detected-telegram-bot-api-key
+define('GO.MOD', 'github.com/gorilla/mux v1.7.4/go.mod 11:AAbg23sWSpFRCP0SfiEN6jmj59UnWan46BH5rLB7');
+// ok: detected-telegram-bot-api-key
+define('DO_NOT_DETECT_ME', 'github.com/valyala/fasthttp v1.24.0 h1:AAiG4oLDUArTb7rYf9oO2bkGooOqCaUF6a2u8asBP3I=')
+?>

package/semgrep-rules/generic/secrets/security/detected-telegram-bot-api-key.yaml ADDED Viewed

@@ -0,0 +1,29 @@
+rules:
+- id: detected-telegram-bot-api-key
+  patterns:
+  - pattern-regex: '[0-9]+:AA[0-9A-Za-z\-_]{33}'
+  - pattern-not-regex: go\.mod.*
+  - pattern-not-regex: v[\d]+\.[\d]+\.[\d]+.*
+  languages:
+  - regex
+  message: Telegram Bot API Key detected
+  severity: ERROR
+  metadata:
+    cwe:
+    - 'CWE-798: Use of Hard-coded Credentials'
+    source-rule-url: https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json
+    category: security
+    technology:
+    - secrets
+    - telegram
+    confidence: LOW
+    owasp:
+    - A07:2021 - Identification and Authentication Failures
+    references:
+    - https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures
+    cwe2022-top25: true
+    cwe2021-top25: true
+    subcategory:
+    - audit
+    likelihood: LOW
+    impact: MEDIUM

package/semgrep-rules/generic/secrets/security/detected-twilio-api-key.txt ADDED Viewed

@@ -0,0 +1,5 @@
+# ruleid: detected-twilio-api-key
+SK575796bb721246b5fe003bcc32ebde77
+# ok: detected-twilio-api-key
+SKblah

package/semgrep-rules/generic/secrets/security/detected-twilio-api-key.yaml ADDED Viewed

@@ -0,0 +1,25 @@
+rules:
+- id: detected-twilio-api-key
+  pattern-regex: SK[0-9a-fA-F]{32}
+  languages: [regex]
+  message: Twilio API Key detected
+  severity: ERROR
+  metadata:
+    cwe:
+    - 'CWE-798: Use of Hard-coded Credentials'
+    source-rule-url: https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json
+    category: security
+    technology:
+    - secrets
+    - twilio
+    confidence: LOW
+    owasp:
+    - A07:2021 - Identification and Authentication Failures
+    references:
+    - https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures
+    cwe2022-top25: true
+    cwe2021-top25: true
+    subcategory:
+    - audit
+    likelihood: LOW
+    impact: MEDIUM