Back to Library
Security

Secret Assignment Detector

Detect likely plaintext secrets in config assignments.

Pattern
\b(api[_-]?key|secret|token)\s*=\s*['"][A-Za-z0-9_-]{16,}['"]

Test Cases

api_key="abcDEF0123456789" Match
mode="debug" No Match

Related Blog Guides

Writing Regex Rules for Security Code Scanning

Create high-signal regex signatures for static security scanning with lower false positives and better triage for engineering teams.

Regex Code Review Checklist for Production Teams

A practical review checklist to catch maintainability, performance, and security issues before regex patterns hit production.

Try it Live

Test and customize this pattern in our interactive editor

Open in Editor