If you want to help improve the scanner rules then here are a few pointers.
The Active Scan rules are defined in different add-ons depending on their quality:
The Passive Scan rules are defined in different add-ons depending on their quality:
Having a look at how these rules work would be a good place to start.
Note that the current Active rules tend to use regular expressions for analysing responses.
Issue 244 has been raised to cover enhancing ZAP to support all of the WatcherRules.
Any suggestions for new rules or code that implements new rules or improves existing ones will be gratefully received!