feat: add PrivateAI rule (#1548)

gitleaks · Oct 6, 2024 · 00bb821 · 00bb821
1 parent 445abe3
commit 00bb821
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 0 deletions.
diff --git a/cmd/generate/config/main.go b/cmd/generate/config/main.go
@@ -153,6 +153,7 @@ func main() {
 		rules.PlanetScaleOAuthToken(),
 		rules.PostManAPI(),
 		rules.Prefect(),
+		rules.PrivateAIToken(),
 		rules.PrivateKey(),
 		rules.PulumiAPIToken(),
 		rules.PyPiUploadToken(),

diff --git a/cmd/generate/config/rules/privateai.go b/cmd/generate/config/rules/privateai.go
@@ -0,0 +1,31 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func PrivateAIToken() *config.Rule {
+	// https://docs.private-ai.com/reference/latest/operation/metrics_metrics_get/
+	r := config.Rule{
+		RuleID:      "privateai-api-token",
+		Description: "Identified a PrivateAI Token, posing a risk of unauthorized access to AI services and data manipulation.",
+		Regex:       utils.GenerateSemiGenericRegex([]string{"private[_-]?ai"}, `[a-z0-9]{32}`, false),
+		Entropy:     3,
+		Keywords: []string{
+			"privateai",
+			"private_ai",
+			"private-ai",
+		},
+	}
+
+	// validate
+	tps := []string{
+		utils.GenerateSampleSecret("privateai", secrets.NewSecret(utils.AlphaNumeric("32"))),
+	}
+	fps := []string{
+		`const privateaiToken = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";`,
+	}
+	return utils.Validate(r, tps, fps)
+}
diff --git a/config/gitleaks.toml b/config/gitleaks.toml
@@ -2426,6 +2426,17 @@ description = "Identified a Private Key, which may compromise cryptographic secu
 regex = '''(?i)-----BEGIN[ A-Z0-9_-]{0,100}PRIVATE KEY(?: BLOCK)?-----[\s\S-]*?KEY(?: BLOCK)?-----'''
 keywords = ["-----begin"]
 
+[[rules]]
+id = "privateai-api-token"
+description = "Identified a PrivateAI Token, posing a risk of unauthorized access to AI services and data manipulation."
+regex = '''(?i:(?:private[_-]?ai)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3})(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
+entropy = 3
+keywords = [
+    "privateai",
+    "private_ai",
+    "private-ai",
+]
+
 [[rules]]
 id = "pulumi-api-token"
 description = "Found a Pulumi API token, posing a risk to infrastructure as code services and cloud resource management."