pattern: add HashiCorp Vault token detection#159

Merged
Rome-1 merged 1 commit into
Raftersecurity:mainfrom
cettyTheDev:add-vault-token-pattern
Jun 3, 2026
Conversation

@cettyTheDev
Contributor

Summary

  • add a HashiCorp Vault service token pattern to the Node and Python scanners
  • keep the regex identical across runtimes: hvs\.[a-zA-Z0-9_-]{90,}
  • add true-positive and short-token false-positive coverage

Closes #27

Tests

  • ./node_modules/.bin/tsc -p tsconfig.json
  • ./node_modules/.bin/vitest run ./tests/secret-patterns.test.ts
  • .venv/bin/python -m pytest tests/test_regex_scanner.py -q

@Rome-1
Collaborator

Rome-1 commented Jun 3, 2026

Thank you for this, @cettyTheDev — this is a model contribution. 🙌

You hit every point of our secret-pattern process without being asked:

  • Dual-runtime parity — identical hvs\.[a-zA-Z0-9_-]{90,} in both secret-patterns.ts and secret_patterns.py, placed consistently in both files.
  • Both a true-positive and a short-token false-positive test in each runtime — exactly the coverage we look for.
  • A ReDoS-safe regex (single character class, no nested quantifiers) with a sensible {90,} floor that matches the real Vault service-token shape and won't fire on short hvs.-like strings.
  • The "hv" + "s." split in the fixtures so the test file doesn't trip our own scanner — nice touch.

I verified locally on your branch: tsc clean, secret-patterns.test.ts 55/55, test_regex_scanner.py 13/13. Merging now. Closes #27. Welcome aboard, and thanks for making Rafter a little more secure. 🚀
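As an added illustration, not the project's own scanner code, here is the PR's regex applied to constructed fixtures that use the same "hv" + "s." split so the example file cannot trip the scanner; the helper names (`find_vault_tokens`, `scan_lines`, `redact`) are assumptions of this example.

```python
import re

# The Vault service-token pattern from this PR: literal "hvs." prefix, then at
# least 90 token characters. A single character class with one bounded-below
# quantifier has no nested repetition, so it is safe against ReDoS.
VAULT_TOKEN_PATTERN = re.compile(r"hvs\.[a-zA-Z0-9_-]{90,}")


def find_vault_tokens(text: str) -> list[str]:
    """Return every Vault service-token-shaped string found in text."""
    return VAULT_TOKEN_PATTERN.findall(text)


def scan_lines(lines: list[str]) -> list[tuple[int, str]]:
    """Return (1-based line number, truncated match) for each finding."""
    findings = []
    for number, line in enumerate(lines, 1):
        for match in VAULT_TOKEN_PATTERN.finditer(line):
            # Keep only a short prefix so a finding can be reported without
            # copying the whole secret into logs or CI output.
            findings.append((number, match.group(0)[:8] + "..."))
    return findings


def redact(text: str) -> str:
    """Replace each match with a fixed marker before the text is logged."""
    return VAULT_TOKEN_PATTERN.sub("hvs.<REDACTED>", text)


# Constructed fixtures (hypothetical, not real tokens). The prefix is split so
# this file does not itself match the pattern when scanned.
PREFIX = "hv" + "s."
TRUE_POSITIVE = PREFIX + "A" * 45 + "b" * 30 + "_-" * 8   # 91 chars after prefix
SHORT_TOKEN = PREFIX + "abc123"                           # 6 chars: must not match

SAMPLE_LINES = [
    "VAULT_TOKEN=" + TRUE_POSITIVE,
    "token: " + SHORT_TOKEN,
    "no secrets on this line",
]

if __name__ == "__main__":
    for number, snippet in scan_lines(SAMPLE_LINES):
        print(f"line {number}: possible Vault token {snippet}")
```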

@Rome-1 Rome-1 merged commit ddd2071 into Raftersecurity:main Jun 3, 2026
@cettyTheDev
Contributor Author

Thanks for the review and the merge. Glad the runtime parity and test coverage matched the secret-pattern process.
