rules:
  - name: Clearbit API Key
    id: kingfisher.clearbit.1
    pattern: |
      (?xi)
      \b
      clearbit
      (?:.|[\n\r]){0,16}?
      (?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
      (?:.|[\n\r]){0,32}?
      \b
      (
        [0-9a-z_]{35}
      )
      \b
    pattern_requirements:
      min_digits: 2
    min_entropy: 3.5
    confidence: medium
    examples:
      - clearbit_token = tq50141fm92fl4nid9c1c7liouhbertbvg1
    validation:
      type: Http
      content:
        request:
          method: GET
          url: https://discovery.clearbit.com/v1/companies/entities?name=kingfisher
          headers:
            Authorization: "Bearer {{ TOKEN }}"
          response_matcher:
            - report_response: true
            - type: WordMatch
              words:
                - '"Invalid API key provided"'
              negative: true