save progress

offline/rules/secrets/sources/github-pat.json

@@ -0,0 +1,17 @@
+{
+  "id": "stellaops.secrets.github-pat",
+  "version": "1.0.0",
+  "name": "GitHub Personal Access Token",
+  "description": "Detects GitHub Personal Access Tokens (classic and fine-grained)",
+  "type": "regex",
+  "pattern": "(?:ghp|gho|ghu|ghs|ghr)_[A-Za-z0-9_]{36,255}",
+  "severity": "critical",
+  "confidence": "high",
+  "keywords": ["ghp_", "gho_", "ghu_", "ghs_", "ghr_", "github"],
+  "filePatterns": ["*.yml", "*.yaml", "*.json", "*.env", "*.properties", "*.sh", "*.bash", "*.md", "*.txt"],
+  "enabled": true,
+  "tags": ["github", "vcs", "credentials", "token"],
+  "references": [
+    "https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens"
+  ]
+}