Secrets Rules
Secrets rules detect credentials and sensitive tokens committed into source code, including repository history where applicable.
Secrets Rule Table (Example)
| ID | Title | Description | Remediation | Tags |
|---|---|---|---|---|
| SECRET-0001 | API key / token detected | Detects committed API tokens in code or configuration files. | Revoke or rotate immediately; remove from the repository; use a secret manager with environment-based injection. | secrets, token, rotation |
| SECRET-0002 | Cloud credential detected | Detects cloud access keys (AWS, GCP, Azure patterns) and related sensitive values. | Revoke or rotate credentials; audit usage; move credentials to a secret manager. | secrets, cloud-credentials |
NOTE
Secrets rules should link from the issue details page to a standalone internal guidance document.
Example: “Recommendation for Secret Detected”
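
One way the two rules in the table could work, as an added example that is not this product's detection logic: the patterns, the entropy threshold and the `scan` function are assumptions, and SECRET-0002 covers only the AWS access key ID format here. Matches are redacted so a finding does not re-expose the value, and the entropy check drops placeholder values that would otherwise raise SECRET-0001.

```python
import math
import re
from collections import Counter

# Assumed patterns for illustration; the page does not publish its detection logic.
AWS_KEY_ID = re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")
TOKEN_ASSIGN = re.compile(
    r"\b(?:api[_-]?key|token|secret)\b\s*[:=]\s*['\"]([A-Za-z0-9_\-+/=]{20,})['\"]",
    re.IGNORECASE,
)

def shannon_entropy(value: str) -> float:
    """Bits per character; random tokens score higher than words or placeholders."""
    counts = Counter(value)
    return -sum(n / len(value) * math.log2(n / len(value)) for n in counts.values())

def redact(value: str) -> str:
    """Keep a short prefix for triage without repeating the secret in the report."""
    return value[:4] + "*" * (len(value) - 4)

def scan(path: str, text: str, min_entropy: float = 3.5) -> list[dict]:
    """Return one finding per match, tagged with the rule ID from the table."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in AWS_KEY_ID.finditer(line):
            findings.append({"rule": "SECRET-0002", "path": path, "line": lineno,
                             "match": redact(m.group(0))})
        for m in TOKEN_ASSIGN.finditer(line):
            value = m.group(1)
            # Skip cloud keys already reported above and low-entropy placeholders.
            if AWS_KEY_ID.search(value) or shannon_entropy(value) < min_entropy:
                continue
            findings.append({"rule": "SECRET-0001", "path": path, "line": lineno,
                             "match": redact(value)})
    return findings

# Constructed sample input; AKIAIOSFODNN7EXAMPLE is the sample key ID from AWS docs.
SAMPLE = '''\
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
api_key = "q7Zp2LxV9mT4rK8sWd3Yb6Nh"
api_key = "changeme-changeme-changeme"
token = "xxxxxxxxxxxxxxxxxxxxxxxxxxxx"
'''

if __name__ == "__main__":
    for finding in scan("config/settings.py", SAMPLE):
        print(finding)
```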