save progress

offline/rules/secrets/sources/generic-password.json

@@ -0,0 +1,16 @@
+{
+  "id": "stellaops.secrets.generic-password",
+  "version": "1.0.0",
+  "name": "Generic Password Assignment",
+  "description": "Detects hardcoded password assignments in configuration and code",
+  "type": "regex",
+  "pattern": "(?i)(?:password|passwd|pwd)['\"]?\\s*[:=]\\s*['\"]([^'\"\\s]{8,})['\"]",
+  "severity": "high",
+  "confidence": "low",
+  "keywords": ["password", "passwd", "pwd"],
+  "filePatterns": ["*.yml", "*.yaml", "*.json", "*.env", "*.properties", "*.config", "*.xml"],
+  "enabled": true,
+  "allowlistPatterns": ["\\$\\{", "\\{\\{", "%[A-Z_]+%", "\\$env:", "process\\.env"],
+  "tags": ["password", "credentials", "generic"],
+  "references": []
+}