# Detection rules for Supabase credentials. Rules 1 and 2 confirm a match
# with a live HTTP request; rule 3 only supplies the project URL that
# rule 2 needs to build its request.
rules:
  # Management token: literal `sbp_` prefix followed by exactly 40
  # characters from [a-z0-9_-], matched case-insensitively ((?i)).
  # The pattern carries no boundary anchors, so a longer run of the same
  # character class is reported on its first 40 characters.
  - name: Supabase Management Token
    id: kingfisher.supabase.1
    pattern: |
      (?xi)
      (
        sbp_[a-z0-9_-]{40}
      )
    pattern_requirements:
      min_digits: 2
    min_entropy: 3.5
    confidence: medium
    examples:
      - 'sbp_abcd1234efgh5678ijkl9012mnop3456qrst7890'
      - 'sbp_1234567890abcdefghij1234567890klmnopqrst'
    references:
      - https://supabase.com/docs/reference/api/v1-get-an-organization
    # Validation is a live, authenticated call: the candidate token leaves
    # the scanning host as a Bearer credential to the fixed endpoint below.
    validation:
      type: Http
      content:
        request:
          method: GET
          url: https://api.supabase.com/v1/organizations
          headers:
            Authorization: 'Bearer {{ TOKEN }}'
        response_matcher:
          # presumably attaches the response body to the finding; for this
          # endpoint that would be organization data - confirm before
          # sharing scan output.
          - report_response: true
          # Only an HTTP 200 is listed as an accepted status.
          - type: StatusMatch
            status:
              - 200

  # Project secret key: literal `sb_secret_` prefix followed by exactly 31
  # characters from [a-z0-9_-], case-insensitive, no boundary anchors.
  - name: Supabase Project API Key
    id: kingfisher.supabase.2
    pattern: |
      (?xi)
      (
        sb_secret_[a-z0-9_-]{31}
      )
    # The regex itself accepts any letter case; the case-mix minimums here
    # are what narrow matches to mixed-case strings.
    pattern_requirements:
      min_uppercase: 3
      min_lowercase: 3
    min_entropy: 4.0
    confidence: medium
    examples:
      - 'sb_secret_9uM4GhB0STF5R4K3HxQtlg_bzWW6DRj'
      - 'sb_secret_szE_jsbktD3pWgnfUjgahw_hcHEIOBH'
    # NOTE(review): same link as rule 1 (the organizations endpoint of the
    # Management API); looks copied - a page on project API keys would fit.
    references:
      - https://supabase.com/docs/reference/api/v1-get-an-organization
    # The request URL is not fixed: SBPROJECTURL is filled from a match of
    # rule kingfisher.supabase.3 (see depends_on_rule), so the key is sent
    # to a host taken from the scanned content. That rule's capture group
    # ends at `.supabase.co`; keep it anchored that way so the key can only
    # be sent to a supabase.co host.
    validation:
      type: Http
      content:
        request:
          method: GET
          url: '{{SBPROJECTURL}}/rest/v1/?select=*'
          headers:
            Apikey: '{{TOKEN}}'
            # Sent empty; the reason is not documented in this file.
            User-Agent: ''
        response_matcher:
          - report_response: true
          - type: StatusMatch
            status:
              - 200
          # Body must also contain the literal text `"host":`.
          - type: WordMatch
            words:
              - '"host":'
    depends_on_rule:
      - rule_id: 'kingfisher.supabase.3'
        variable: SBPROJECTURL

  # Helper rule for rule 2. Matches https:// only, a 16-32 character
  # alphanumeric subdomain, then `.supabase.co` between word boundaries.
  # The trailing \b rejects `.supabase.com`, and the capture group always
  # stops at `.supabase.co` whatever text follows it.
  - name: Supabase Project URL
    id: kingfisher.supabase.3
    pattern: '(?xi) \b ( https:\/\/[a-z0-9]{16,32}\.supabase\.co ) \b'
    min_entropy: 3.0
    confidence: medium
    # presumably keeps this rule out of reported findings, since a project
    # URL is not a secret by itself - TODO confirm against the scanner.
    visible: false
    examples:
      - 'https://ejcvydfyxzmbtfbfstnq.supabase.co'
    references:
      - https://supabase.com/docs/guides/api