Skip to content

feat(EXPOSED_SECRETS): expand secret coverage and stop leaking matched secrets in evidence#38

Open
dmchaledev wants to merge 1 commit into
mainfrom
claude/amazing-franklin-c1znpv
Open

feat(EXPOSED_SECRETS): expand secret coverage and stop leaking matched secrets in evidence#38
dmchaledev wants to merge 1 commit into
mainfrom
claude/amazing-franklin-c1znpv

Conversation

@dmchaledev

Copy link
Copy Markdown
Contributor

Summary

Two related correctness/safety fixes to the core EXPOSED_SECRETS rule (src/rules/runtime-rules.ts).

1. Coverage gap — common secrets (including Anthropic keys) go undetected

The rule shipped with only 4 signatures (sk-…, ghp_…, AKIA…, password=…). Most notably, it cannot detect Anthropic API keys — ironic for a tool in the Anthropic/MCP ecosystem. The legacy OpenAI pattern sk-[a-zA-Z0-9]{20,} never matches sk-ant-api03-… because of the embedded hyphens:

$ node dist/cli.js leaky.json --format=table   # config contains a real-shaped sk-ant- key
Found 0 finding(s)  →  PASSED      # before this change: the key slips through

Newly recognized, high-confidence vendor signatures:

  • Anthropic (sk-ant-api…/sk-ant-admin…) — matched before the broader OpenAI sk- pattern so keys are attributed to the right vendor
  • OpenAI including project keys (sk-proj-…)
  • GitHub fine-grained PATs (github_pat_…) and classic gh[oprsu]_… tokens
  • AWS access key IDs (AKIA/ASIA)
  • Google API keys (AIza…)
  • Slack tokens (xox[baprs]-…)
  • Stripe live secret keys (sk_live_…/rk_live_…)
  • PEM private-key blocks (-----BEGIN … PRIVATE KEY-----)

2. The scanner leaked the secret it flagged

evidence echoed up to 57 characters of the raw secret. That evidence is written into SARIF output, which is routinely uploaded to GitHub Code Scanning — re-exposing the exact credential the rule exists to catch. Matched values are now labelled by type and redacted to a short non-sensitive prefix plus length:

"evidence": "Matched value(s): Anthropic API key (sk-a…[redacted, 109 chars])"

Tests

EXPOSED_SECRETS previously had no test coverage. Added a parametrized detection test for every signature, an Anthropic-key regression (the case the legacy pattern missed), an evidence-redaction assertion, and a no-false-positive check on ordinary config strings.

  • npm run typecheck
  • npm run lint
  • npm test ✅ (133 passed, up from 118)
  • npm run build

Notes

  • No new runtime dependencies; localized to the one rule plus its tests.
  • The dedicated ghp_ entry was dropped as redundant — the gh[oprsu]_ pattern already covers ghp_/gho_/ghr_/ghs_/ghu_.

🤖 Generated with Claude Code

https://claude.ai/code/session_01M1zsQVC8kHrLpQw5UtjZoS


Generated by Claude Code

The secret scanner only recognized 4 credential formats and, notably,
could not detect Anthropic API keys — the legacy `sk-[a-zA-Z0-9]{20,}`
pattern never matches `sk-ant-api03-…` because of the embedded hyphens.
It also echoed up to 57 chars of the raw secret into a finding's
`evidence`, which is written to SARIF and frequently uploaded to GitHub
Code Scanning, re-exposing the very credential the rule exists to catch.

- Add high-confidence, vendor-specific signatures: Anthropic, OpenAI
  (incl. `sk-proj-`), GitHub fine-grained PATs and classic `gh*_` tokens,
  AWS (AKIA/ASIA), Google API keys, Slack, Stripe live keys, and PEM
  private-key blocks. Anthropic is matched before the broader OpenAI
  `sk-` pattern so keys are attributed to the right vendor.
- Label each match by credential type and redact the value in evidence
  (short prefix + length) so reports no longer leak the secret.
- Add EXPOSED_SECRETS test coverage (previously none), including an
  Anthropic-key regression and an evidence-redaction assertion.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01M1zsQVC8kHrLpQw5UtjZoS
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants