feat(mercury): add Mercury API token rules

Signed-off-by: Luke Young <bored-engineer@users.noreply.github.com>

data/rules/mercury.yml

@@ -0,0 +1,67 @@
+rules:
+  - name: Mercury Production API Token
+    id: kingfisher.mercury.1
+    pattern: |
+      (?x)
+      \b
+      (
+        mercury_production_
+        [a-z]{3,6}
+        _
+        [a-zA-Z0-9]{40,50}
+        _yrucrem
+      )
+      \b
+    min_entropy: 3.5
+    confidence: medium
+    examples:
+      - Bearer secret-token:mercury_production_wma_24SCp4G81X3yHL4Wq8FgzuaP9ye3VKf2mgTDctXyRg5HY_yrucrem
+    references:
+      - https://docs.mercury.com/docs/api-token-security-policies
+    validation:
+      type: Http
+      content:
+        request:
+          headers:
+            Authorization: Bearer {{ TOKEN }}
+            Accept: application/json
+          method: GET
+          response_matcher:
+            - report_response: true
+            - status:
+                - 200
+              type: StatusMatch
+          url: https://api.mercury.com/api/v1/accounts
+  - name: Mercury Non-Production API Token
+    id: kingfisher.mercury.2
+    pattern: |
+      (?x)
+      \b
+      (
+        mercury_sandbox_
+        [a-z]{3,6}
+        _
+        [a-zA-Z0-9]{40,50}
+        _yrucrem
+      )
+      \b
+    min_entropy: 3.5
+    confidence: medium
+    examples:
+      - Bearer secret-token:mercury_sandbox_rma_24pnbcT7NygLbpJPr4xBuSuBDpo6tK89S8u3ERYn3FXVz_yrucrem
+    references:
+      - https://docs.mercury.com/docs/api-token-security-policies
+    validation:
+      type: Http
+      content:
+        request:
+          headers:
+            Authorization: Bearer {{ TOKEN }}
+            Accept: application/json
+          method: GET
+          response_matcher:
+            - report_response: true
+            - status:
+                - 200
+              type: StatusMatch
+          url: https://api-sandbox.mercury.com/api/v1/accounts