Class SecretPatternLibrary

Namespace

JD.AI.Core.Security

Assembly

JD.AI.Core.dll

A curated library of regex patterns for detecting common secret types. These patterns complement custom patterns loaded from policy YAML files.

public static class SecretPatternLibrary

Inheritance

object

SecretPatternLibrary

Inherited Members

object.Equals(object)

object.Equals(object, object)

object.GetHashCode()

object.GetType()

object.MemberwiseClone()

object.ReferenceEquals(object, object)

object.ToString()

Fields

AnthropicKey

Anthropic API keys (sk-ant-…).

public const string AnthropicKey = "sk-ant-[a-zA-Z0-9\\-_]{93}"

Field Value

string

AwsAccessKeyId

AWS access key IDs (AKIA…).

public const string AwsAccessKeyId = "AKIA[0-9A-Z]{16}"

Field Value

string

AwsSecretAccessKey

AWS secret access key (40 alphanumeric chars after typical env-var assignments).

public const string AwsSecretAccessKey = "(?i)aws_secret_access_key\\s*=\\s*[0-9a-zA-Z/+]{40}"

Field Value

string

DatabaseConnectionString

Database connection strings containing passwords.

public const string DatabaseConnectionString = "(?i)(?:password|pwd)\\s*=\\s*[^;\"'\\s]{8,}"

Field Value

string

GenericBase64Secret

Generic high-entropy base64 strings often used as API secrets (≥32 chars).

public const string GenericBase64Secret = "(?i)(?:api[_\\-]?key|secret|token|password|passwd|pwd)\\s*[=:]\\s*[a-zA-Z0-9+/]{32,}={0,2}"

Field Value

string

GitHubActionsToken

GitHub Actions runner tokens (ghs_…).

public const string GitHubActionsToken = "ghs_[a-zA-Z0-9]{36}"

Field Value

string

GitHubClassicPat

GitHub classic personal access tokens (ghp_…).

public const string GitHubClassicPat = "ghp_[a-zA-Z0-9]{36}"

Field Value

string

GitHubFineGrainedPat

GitHub fine-grained personal access tokens (github_pat_…).

public const string GitHubFineGrainedPat = "github_pat_[a-zA-Z0-9]{22}_[a-zA-Z0-9]{59}"

Field Value

string

GitHubOAuthToken

GitHub OAuth tokens (gho_…).

public const string GitHubOAuthToken = "gho_[a-zA-Z0-9]{36}"

Field Value

string

HuggingFaceToken

HuggingFace access tokens (hf_…).

public const string HuggingFaceToken = "hf_[a-zA-Z0-9]{36,}"

Field Value

string

Jwt

JSON Web Tokens (three Base64url segments separated by dots).

public const string Jwt = "eyJ[a-zA-Z0-9\\-_]+\\.eyJ[a-zA-Z0-9\\-_]+\\.[a-zA-Z0-9\\-_]+"

Field Value

string

OpenAiKey

OpenAI API keys (sk-…).

public const string OpenAiKey = "sk-[a-zA-Z0-9]{40,}"

Field Value

string

PemPrivateKey

PEM private key headers (RSA, EC, PKCS8, etc.).

public const string PemPrivateKey = "-----BEGIN (?:RSA |EC |OPENSSH |ENCRYPTED )?PRIVATE KEY-----"

Field Value

string

StripeSecretKey

Stripe secret keys (sk_live_…, sk_test_…).

public const string StripeSecretKey = "sk_(?:live|test)_[a-zA-Z0-9]{24,}"

Field Value

string

Properties

All

Returns the full set of built-in secret detection patterns.

public static IReadOnlyList<string> All { get; }

Property Value

IReadOnlyList<string>

HighConfidence

Returns a subset of high-confidence patterns with minimal false positives, suitable for blocking actions (vs. audit-only scanning).

public static IReadOnlyList<string> HighConfidence { get; }

Property Value

IReadOnlyList<string>