{
  "id": "stellaops.secrets.jwt-secret",
  "version": "1.0.0",
  "name": "JWT Secret Key",
  "description": "Detects JWT secret keys in configuration",
  "type": "regex",
  "pattern": "(?i)(?:jwt[_-]?secret|jwt[_-]?key|secret[_-]?key)['\"]?\\s*[:=]\\s*['\"]?([A-Za-z0-9+/=_-]{32,})['\"]?",
  "severity": "high",
  "confidence": "medium",
  "keywords": ["jwt_secret", "jwt_key", "secret_key", "JWT"],
  "filePatterns": ["*.yml", "*.yaml", "*.json", "*.env", "*.properties", "*.config", "appsettings.json"],
  "enabled": true,
  "tags": ["jwt", "authentication", "credentials"],
  "references": [
    "https://jwt.io/introduction"
  ]
}