Use when adding or modifying rules in default_rules.yaml, when benchmarking rule performance against test corpuses, or when validating regex anchors and keyword choices. Detection rule edit-bench-compare workflow.
Installation
Mit Codex oder Claude installieren Kopieren Sie diesen Prompt, fügen Sie ihn in Codex, Claude oder einen anderen Assistant ein und lassen Sie die Skill-Seite prüfen und installieren.
Use when adding or modifying rules in default_rules.yaml, when benchmarking rule performance against test corpuses, or when validating regex anchors and keyword choices. Detection rule edit-bench-compare workflow.
user-invocable
true
Rule Optimization Workflow
Use after modifying rules in crates/scanner-engine/default_rules.yaml
(loaded by crates/scanner-engine/src/rules/).
Note:../linux, ../gitleaks, ../tigerbeetle, ../trufflehog are
external test corpus directories. They are optional and must be cloned
separately if not already present.
Compare throughput/findings against baseline
Document anchor/keyword choice if non-obvious (add inline comment)
Pattern Guidelines
When adding or modifying rules:
Anchors
Prefer structured prefixes (sgp_, hvs., AKIA) over service name keywords
Avoid generic patterns like [a-fA-F0-9]{40} that match git SHAs
