feat(enrichment): detect Slack enterprise and cookie tokens in secret-scan #3119
…-scan

The slack_token rule matched xoxb/p/a/r/s but missed xoxe (enterprise) and xoxc (cookie) tokens, so those credentials went unflagged. Extend the type character class; classic bot tokens still match.

Co-authored-by: Cursor <cursoragent@cursor.com>
Superagent didn't find any vulnerabilities or security issues in this PR. |
⏸️ Gittensory review result - manual review recommended. Review updated: 2026-07-04 15:13:19 UTC
Suggested action: manual review. Review summary: Nits — 5 non-blocking
Summary

The slack_token rule matched xoxb/xoxp/xoxa/xoxr/xoxs but missed xoxe (enterprise) and xoxc (cookie) tokens, so those credentials went unflagged in PR diffs.

Scope

Extends the type character class from xox[baprs] to xox[baprsec]. Classic bot tokens still match. No value is returned — only kind/confidence/file/line.

Test plan

xoxe-… and xoxc-… positives (built from fragments). xoxb-… still flagged. node --test test/secret-scan.test.ts — 23 passed.

No linked issue

Self-contained detection-coverage improvement; no tracking issue. Touches only secret-scan.ts and additive tests.
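As an added example (not the project's secret-scan.ts), a minimal Slack-token rule parameterised by the type character class, run over a constructed diff fragment so the pre- and post-PR coverage can be compared. The token body shape after the xox?- prefix, the function names and the fixture values are assumptions.

```typescript
// Added example, not the project's code: the secret-scan rule reduced to its
// type character class, so "baprs" (before) and "baprsec" (after) can be compared.
export interface Finding {
  kind: string;
  confidence: "high" | "medium";
  file: string;
  line: number;
}

// Hypothetical body shape: at least 10 token characters after the "xox?-" prefix.
export function makeSlackRule(typeClass: string): RegExp {
  return new RegExp(`\\bxox[${typeClass}]-[A-Za-z0-9-]{10,}`, "g");
}

export const LEGACY_RULE = makeSlackRule("baprs");     // missed xoxe / xoxc
export const EXTENDED_RULE = makeSlackRule("baprsec"); // the PR's widened class

// Emits kind/confidence/file/line only; the matched secret is never stored.
export function scanSlackTokens(text: string, file: string, rule: RegExp): Finding[] {
  const findings: Finding[] = [];
  text.split(/\r?\n/).forEach((line, i) => {
    rule.lastIndex = 0; // shared global regex: reset before each line
    while (rule.exec(line) !== null) {
      findings.push({ kind: "slack_token", confidence: "high", file, line: i + 1 });
    }
  });
  return findings;
}

// Constructed fixture assembled from fragments, so no token-shaped literal is committed.
const frag = (type: string, body: string): string => "xox" + type + "-" + body;
export const SAMPLE_DIFF = [
  "+const bot = '" + frag("b", "1234567890-abc") + "';", // classic bot token
  "+const ent = '" + frag("e", "9876543210-def") + "';", // enterprise token
  "+const ck  = '" + frag("c", "1122334455-ghi") + "';", // cookie token
  "+const odd = '" + frag("z", "5566778899-jkl") + "';", // z is not a Slack type letter
  "+const url = 'https://example.invalid/box-1234567890';", // no xox prefix
].join("\n");

// Findings per rule over the same fixture: 1 before the change, 3 after.
export function coverageGap(): { legacy: number; extended: number } {
  return {
    legacy: scanSlackTokens(SAMPLE_DIFF, "src/config.ts", LEGACY_RULE).length,
    extended: scanSlackTokens(SAMPLE_DIFF, "src/config.ts", EXTENDED_RULE).length,
  };
}
```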