From 98d009deaebac4b12ee6dc7c070c09c0b9d7561d Mon Sep 17 00:00:00 2001
From: Akshay Jain <akjain_navan@users.noreply.github.com>
Date: Wed, 7 Jan 2026 13:38:53 +0530
Subject: [PATCH] Add ScraperAPI key detection rule
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Adds a new rule to detect ScraperAPI keys with:
- Pattern matching for 32-character alphanumeric keys
- Live validation against ScraperAPI endpoint
- Medium confidence with entropy check (min 3.5)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 data/rules/scraperapi.yml | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 data/rules/scraperapi.yml

diff --git a/data/rules/scraperapi.yml b/data/rules/scraperapi.yml
new file mode 100644
index 0000000..2bca1ac
--- /dev/null
+++ b/data/rules/scraperapi.yml
@@ -0,0 +1,35 @@
+rules:
+  - name: ScraperAPI Key
+    id: kingfisher.scraperapi.1
+    pattern: |
+      (?xi)
+      \b(?:scraper(?:\s|[_-])?api|scraperapi)
+      (?:.|[\n\r]){0,32}?
+      (?:key|token|api[_-]?key)
+      (?:.|[\n\r]){0,16}?
+      ([a-z0-9]{32})
+      \b
+    pattern_requirements:
+      min_digits: 2
+      min_lowercase: 10
+    min_entropy: 3.5
+    confidence: medium
+    examples:
+      - 'SCRAPERAPI_KEY=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6'
+      - 'scraper_api_token: "9f8e7d6c5b4a3029182736455463728a"'
+    references:
+      - https://www.scraperapi.com/documentation/
+    validation:
+      type: Http
+      content:
+        request:
+          method: GET
+          url: "https://api.scraperapi.com?api_key={{ TOKEN }}&url=http://httpbin.org/ip"
+          response_matcher:
+            - report_response: true
+            - type: StatusMatch
+              status: [200]
+            - type: JsonValid
+            - type: WordMatch
+              words:
+                - '"origin"'