[HINT] Download the complete skill directory including SKILL.md and all related files
| name | rule-optimize |
| description | Workflow for modifying and benchmarking detection rules |
| user-invocable | true |
Use after modifying rules in crates/scanner-engine/default_rules.yaml
(loaded by crates/scanner-engine/src/rules/).
cargo test to verify no regressionsRUSTFLAGS="-C target-cpu=native" cargo build --release./target/release/scanner-rs ../linux ../gitleaks ../tigerbeetle ../trufflehog
Note:
../linux,../gitleaks,../tigerbeetle,../trufflehogare external test corpus directories. They are optional and must be cloned separately if not already present.
When adding or modifying rules:
sgp_, hvs., AKIA) over service name keywords[a-fA-F0-9]{40} that match git SHAscargo bench --bench rule_isolation -- <rule_id>.* followed by greedy quantifiersBefore making changes, capture baseline:
# Run 3x and record median throughput
for i in 1 2 3; do
./target/release/scanner-rs ../linux 2>&1 | tail -1
done
After changes, compare:
# Calculate % change
# Acceptable: <2% regression
# Investigate: 2-5% regression
# Block: >5% regression without justification
| Item | Path |
|---|---|
| Default rules YAML | crates/scanner-engine/default_rules.yaml |
| Rules module | crates/scanner-engine/src/rules/ |
| Release binary | ./target/release/scanner-rs (from scanner-rs-cli) |
/bench-compare - Criterion benchmark comparison/perf-regression - Full performance regression workflow/test-strategy - Choose testing approach for rule changes