schema_version = 1
detector_id = "box-developer-token"
service = "box"
severity = "high"
[[positive]]
text = "BOX_DEVELOPER_TOKEN=Kp4Qx7Rm2Sn5Tb8Vw3YzKp4Qx7Rm"
credential = "Kp4Qx7Rm2Sn5Tb8Vw3YzKp4Qx7Rm"
reason = "Box developer token env-var (28 alnum)."
[[positive]]
text = "box_developer_token: \"Vk9Bn3Lp7Qm2Rs5Tw8Vk9Bn3Lp\""
credential = "Vk9Bn3Lp7Qm2Rs5Tw8Vk9Bn3Lp"
reason = "Lowercase YAML form."
[[negative]]
text = "BOX_DEVELOPER_TOKEN=short"
reason = "Body below 20 alnum chars."
[[evasion]]
text = "box.developer.token=Kp4Qx7Rm2Sn5Tb8Vw3YzKp4Qx7Rm"
credential = "Kp4Qx7Rm2Sn5Tb8Vw3YzKp4Qx7Rm"
reason = "Dot-separated box.developer.token form."
[perf]
fixture_bytes = 4096
max_microseconds = 25000
note = "Standard single-file budget."
[scale]
fixture_bytes = 1048576
min_findings = 1
max_seconds = 2.0
note = "1 MiB filler + planted Box token."
readme_claim = "900 service-specific detectors"