From 3645db2214813d8095081275a7996bd593944d95 Mon Sep 17 00:00:00 2001
From: Mick Grove <mick.grove@mongodb.com>
Date: Tue, 21 Apr 2026 16:44:49 -0700
Subject: [PATCH] performance improvements and rule improvements

---
 crates/kingfisher-rules/data/rules/liveblocks.yml |  8 ++++----
 crates/kingfisher-rules/data/rules/livekit.yml    |  2 --
 crates/kingfisher-rules/data/rules/runpod.yml     |  4 ++--
 crates/kingfisher-rules/data/rules/sshpass.yml    |  2 +-
 crates/kingfisher-rules/data/rules/unleash.yml    |  2 --
 crates/kingfisher-rules/data/rules/volcengine.yml | 12 +++++++-----
 crates/kingfisher-rules/data/rules/xata.yml       | 10 ++++++----
 7 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/crates/kingfisher-rules/data/rules/liveblocks.yml b/crates/kingfisher-rules/data/rules/liveblocks.yml
index 104d8bc..d49960c 100644
--- a/crates/kingfisher-rules/data/rules/liveblocks.yml
+++ b/crates/kingfisher-rules/data/rules/liveblocks.yml
@@ -5,16 +5,16 @@ rules:
       (?x)
       \b
       (
-        sk_(?:prod|dev)_[A-Za-z0-9]{24,44}
+        sk_(?:prod|dev)_[A-Za-z0-9_-]{64}
       )
-      \b
+      (?:\b|$)
     pattern_requirements:
       min_digits: 1
     min_entropy: 3.0
     confidence: medium
     examples:
-      - 'LIVEBLOCKS_SECRET_KEY=sk_prod_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6'
-      - 'LIVEBLOCKS_SECRET_KEY="sk_dev_xK8m2LpQr5nW0vYz3cJ7aB4dE6fG8h"'
+      - 'LIVEBLOCKS_SECRET_KEY=sk_prod_a1B2c3D4e5F6g7H8i9J0k1L2m3N4o5P6q7R8s9T0_-a1B2c3D4e5F6g7H8i9J0k1'
+      - 'LIVEBLOCKS_SECRET_KEY="sk_dev_Z9y8X7w6V5u4T3s2R1qPoNmLkJiHgFeDcBa9876543210_-Z9y8X7w6V5u4T3s2R"'
     references:
       - https://liveblocks.io/docs/api-reference/rest-api-endpoints
     validation:
diff --git a/crates/kingfisher-rules/data/rules/livekit.yml b/crates/kingfisher-rules/data/rules/livekit.yml
index 46bc759..b6a49e1 100644
--- a/crates/kingfisher-rules/data/rules/livekit.yml
+++ b/crates/kingfisher-rules/data/rules/livekit.yml
@@ -7,8 +7,6 @@ rules:
       \b
       (?i:livekit)
       (?:.|[\n\r]){0,32}?
-      (?i:(?:API[_-]?KEY|KEY|ACCESS))
-      (?:.|[\n\r]){0,16}?
       \b
       (
         API[A-Za-z0-9]{12}
diff --git a/crates/kingfisher-rules/data/rules/runpod.yml b/crates/kingfisher-rules/data/rules/runpod.yml
index f8e913a..d4a2ddd 100644
--- a/crates/kingfisher-rules/data/rules/runpod.yml
+++ b/crates/kingfisher-rules/data/rules/runpod.yml
@@ -5,7 +5,7 @@ rules:
       (?x)
       \b
       (
-        rpa_[a-zA-Z0-9]{20,60}
+        rpa_[A-Z0-9]{40}[A-Za-z0-9]{6}
       )
       \b
     pattern_requirements:
@@ -14,7 +14,7 @@ rules:
     confidence: high
     categories: [api, key]
     examples:
-      - 'RUNPOD_API_KEY=rpa_ABC123DEF456GHI789JKL012MNO345PQR678'
+      - 'RUNPOD_API_KEY=rpa_ABC123DEF456GHI789JKL012MNO345PQR678STUVX9y2z7'
     validation:
       type: Http
       content:
diff --git a/crates/kingfisher-rules/data/rules/sshpass.yml b/crates/kingfisher-rules/data/rules/sshpass.yml
index c333372..200d612 100644
--- a/crates/kingfisher-rules/data/rules/sshpass.yml
+++ b/crates/kingfisher-rules/data/rules/sshpass.yml
@@ -13,7 +13,7 @@ rules:
     pattern_requirements:
       min_digits: 1
     min_entropy: 2.5
-    confidence: medium
+    confidence: low
     examples:
       - "sshpass -p 'hkjento6hjfdaiwbhC' scp /home/user/data/*.js sftp-user@files.example.com:data/"
       - "sshpass -p \"xY3#mK81wP\" ssh deploy@prod.example.com"
diff --git a/crates/kingfisher-rules/data/rules/unleash.yml b/crates/kingfisher-rules/data/rules/unleash.yml
index bd49e6f..a38a25b 100644
--- a/crates/kingfisher-rules/data/rules/unleash.yml
+++ b/crates/kingfisher-rules/data/rules/unleash.yml
@@ -34,8 +34,6 @@ rules:
       \b
       unleash
       (?:.|[\n\r]){0,32}?
-      (?:PAT|PERSONAL[_-]?ACCESS[_-]?TOKEN|API[_-]?TOKEN|TOKEN|KEY)
-      (?:.|[\n\r]){0,16}?
       \b
       (
         user:[0-9a-f]{56}
diff --git a/crates/kingfisher-rules/data/rules/volcengine.yml b/crates/kingfisher-rules/data/rules/volcengine.yml
index 68e5dfd..b3fc7f0 100644
--- a/crates/kingfisher-rules/data/rules/volcengine.yml
+++ b/crates/kingfisher-rules/data/rules/volcengine.yml
@@ -4,16 +4,18 @@ rules:
     pattern: |
       (?x)
       \b
+      (?i:volcengine)
+      (?:.|[\n\r]){0,32}?
+      \b
       (
-        AKLT[a-zA-Z0-9_-]{16,60}
+        AKLT[a-zA-Z0-9_-]{46,48}
       )
       \b
     pattern_requirements:
-      min_digits: 2
+      min_digits: 4
     min_entropy: 3.0
     confidence: medium
-    categories: [api, key]
     examples:
-      - 'VOLCENGINE_ACCESS_KEY=AKLTabcdefghijklmnop1234567890'
+      - 'VOLCENGINE_ACCESS_KEY=AKLTY2IwOGJIMTdiZmI5NGU1MWFiNWE3MWJkNWY2MDdmOGU'
     references:
-      - https://www.volcengine.com/docs/6291/65568
+      - https://www.volcengine.com/docs/6291/65568
\ No newline at end of file
diff --git a/crates/kingfisher-rules/data/rules/xata.yml b/crates/kingfisher-rules/data/rules/xata.yml
index 7267740..adac94d 100644
--- a/crates/kingfisher-rules/data/rules/xata.yml
+++ b/crates/kingfisher-rules/data/rules/xata.yml
@@ -5,7 +5,7 @@ rules:
       (?x)
       \b
       (
-        xau_[A-Za-z0-9]{24,44}
+        xau_[A-Za-z0-9]{33}
       )
       \b
     pattern_requirements:
@@ -13,8 +13,8 @@ rules:
     min_entropy: 3.0
     confidence: medium
     examples:
-      - 'XATA_API_KEY=xau_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6'
-      - 'Authorization: Bearer xau_xK8m2LpQr5nW0vYz3cJ7aB4dE6fG8h'
+      - 'XATA_API_KEY=xau_A1b2C3d4E5f6G7h8I9j0K1l2M3n4O5p6Q'
+      - 'Authorization: Bearer xau_Z9y8X7w6V5u4T3s2R1qPoNmLkJiHgFeDc'
     references:
       - https://xata.io/docs/concepts/api-keys
     validation:
@@ -22,7 +22,7 @@ rules:
       content:
         request:
           method: GET
-          url: https://api.xata.io/user
+          url: https://api.xata.tech/api-keys
           headers:
             Authorization: "Bearer {{ TOKEN }}"
             Accept: application/json
@@ -31,3 +31,5 @@ rules:
             - type: StatusMatch
               status: [200]
             - type: JsonValid
+            - type: WordMatch
+              words: ['"keys"']