feat(enrichment): detect Axiom API and personal access tokens #3337
Add high-confidence secret-scan rules for Axiom xaat- API tokens and xapt- personal access tokens with UUID-shaped bodies, broad tail guards, and truncation plus identifier-continuation negative tests. Co-authored-by: Cursor <cursoragent@cursor.com>
🚨 Contributor flagged. Click here for more info: Superagent Dashboard

Superagent didn't find any vulnerabilities or security issues in this PR.

Warning: ⏸️ Gittensory review result - manual review recommended
Review updated: 2026-07-05 04:10:17 UTC
⏸️ Suggested Action - Manual Review
Review summary: Nits — 5 non-blocking

Summary
- `axiom_api_token` rule for Axiom `xaat-` UUID-shaped API tokens (edge ingest/query)
- `axiom_personal_token` rule for Axiom `xapt-` personal access tokens
- `(?![A-Za-z0-9_-])` tail guards per secret-scan convention (fixes prior Orb blocker)
- `-suffix`, `_suffix`, and non-hex alpha (`z`) continuations

Test plan
- `cd review-enrichment && npm run build && node --test test/secret-scan.test.ts` (94 passing)

Made with Cursor
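
The rule shape the summary describes, as an added TypeScript example that is not the code merged in this PR. The rule names, prefixes and tail guard are the ones quoted above; the lowercase-hex 8-4-4-4-12 body, the helper names and the sample strings are assumptions constructed here. It runs the same samples with and without the guard to show what the negative tests protect against.

```typescript
// Added illustration: patterns modelled on the PR summary, not the merged regexes.
interface Rule { id: string; pattern: RegExp; }
interface Finding { rule: string; start: number; redacted: string; }

// Assumption: the "UUID-shaped" body is lowercase hex in 8-4-4-4-12 layout.
const UUID = "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}";
// Tail guard quoted in the summary: no identifier-like character may follow.
const TAIL = "(?![A-Za-z0-9_-])";

function buildRules(tail: string): Rule[] {
  return [
    { id: "axiom_api_token", pattern: new RegExp("xaat-" + UUID + tail, "g") },
    { id: "axiom_personal_token", pattern: new RegExp("xapt-" + UUID + tail, "g") },
  ];
}

function scan(text: string, rules: Rule[]): Finding[] {
  const findings: Finding[] = [];
  for (const rule of rules) {
    rule.pattern.lastIndex = 0; // global regexes keep state between calls
    let m: RegExpExecArray | null;
    while ((m = rule.pattern.exec(text)) !== null) {
      // Report only the prefix so the finding never echoes the secret.
      findings.push({ rule: rule.id, start: m.index, redacted: m[0].slice(0, 5) + "..." });
    }
  }
  return findings;
}

// Constructed sample values, not real tokens.
const BODY = "0123abcd-4567-89ab-cdef-0123456789ab";
const SAMPLES: string[] = [
  "AXIOM_TOKEN=xaat-" + BODY,      // complete API token
  'token: "xapt-' + BODY + '"',    // complete personal token, quoted
  "xaat-" + BODY.slice(0, 30),     // truncated body
  "xaat-" + BODY + "-suffix",      // identifier continuation with "-"
  "xapt-" + BODY + "_suffix",      // identifier continuation with "_"
  "xaat-" + BODY + "z",            // non-hex alpha continuation
];

// One entry per sample: comma-joined rule ids that fired ("" means no finding).
function ruleHits(samples: string[], rules: Rule[]): string[] {
  return samples.map((s) => scan(s, rules).map((f) => f.rule).join(","));
}

console.log("guarded:  ", ruleHits(SAMPLES, buildRules(TAIL)));
console.log("unguarded:", ruleHits(SAMPLES, buildRules("")));
```

With the guard only the first two samples produce findings; without it the three continuation samples are reported as tokens as well, while the truncated sample is rejected in both runs because the body length is fixed.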