2026-01-01 22:24:57 -08:00
|
|
|
rules:
|
|
|
|
|
- name: Owlbot API Key
|
|
|
|
|
id: kingfisher.owlbot.1
|
|
|
|
|
pattern: |
|
|
|
|
|
(?xi)
|
|
|
|
|
\b
|
|
|
|
|
owlbot
|
|
|
|
|
(?:.|[\n\r]){0,64}?
|
|
|
|
|
(?:api[_-]?key|secret|private|access|token|key)
|
|
|
|
|
(?:.|[\n\r]){0,64}?
|
|
|
|
|
\b
|
|
|
|
|
(
|
|
|
|
|
[a-f0-9]{40}
|
|
|
|
|
)
|
|
|
|
|
\b
|
|
|
|
|
pattern_requirements:
|
|
|
|
|
min_digits: 2
|
|
|
|
|
min_entropy: 3.5
|
|
|
|
|
confidence: medium
|
|
|
|
|
examples:
|
|
|
|
|
- "owlbot SECRET b7d21c0e88e9a3c5938fb045b2b6a5e693eaf9d1"
|
|
|
|
|
- "owlbot TOKEN 8a5de3a89b7e4f29bf728b45adcdea6ea3410c78"
|
|
|
|
|
references:
|
2026-02-10 19:24:19 -08:00
|
|
|
- https://documentation.owlbot.ai/
|
2026-01-01 22:24:57 -08:00
|
|
|
validation:
|
|
|
|
|
type: Http
|
|
|
|
|
content:
|
|
|
|
|
request:
|
|
|
|
|
method: GET
|
2026-02-10 19:43:34 -08:00
|
|
|
url: "https://www.owlbot.ai/api/login/checkToken"
|
2026-01-01 22:24:57 -08:00
|
|
|
headers:
|
2026-02-10 19:43:34 -08:00
|
|
|
# Owlbot expects the API key directly in `Authorization`.
|
|
|
|
|
Authorization: "{{ TOKEN }}"
|
2026-01-01 22:24:57 -08:00
|
|
|
Accept: application/json
|
|
|
|
|
response_matcher:
|
|
|
|
|
- report_response: true
|
|
|
|
|
- type: StatusMatch
|
|
|
|
|
status: [200]
|
|
|
|
|
- type: WordMatch
|
2026-02-10 19:43:34 -08:00
|
|
|
words: ['"user"', '"chatbot"']
|
