Detection Engine Updates Version 2.162
Release Date: April 27, 2026
This release ships 16 new detectors (Baidu AI Cloud API Key, Baidu Cloud API Keys, HashiCorp Consul ACL Token, ElevenLabs API Key, Datadog Application Key, Volcengine API Key, QQ Robot API Keys, Canva Integration OAuth 2.0, Bitrise Personal Access Token, Bitrise Workspace API Token, MaxMind License Key, Snyk Key V2, Cloudflare API Token V2, CockroachDB API Key, Coder Session Token, Aikido CI Scanning Token), updated detectors for Azure OpenAI (new key format), GitLab (fine-grained personal access tokens), Google Cloud (lower memory on secret-dense files), PayPal Braintree and Slack Bot Token (more accurate check statuses), new analyzers for Azure AI Search and Azure OpenAI, and analyzer updates for GitLab (fine-grained PATs), PostgreSQL Credentials and Anthropic Admin Key. The grafbase_access_token checker is also disabled ahead of the detector's removal in the next release.
Notable precision improvements (measured on internal benchmarks):
paypal_braintree_keys: significant reduction in false positives.
New Detectors
- Aikido CI Scanning Token: Add a new detector for Aikido CI Scanning Token.
- Baidu AI API Key: Add a new detector for Baidu AI Cloud API Key.
- Baidu Cloud API Keys: Add a new detector for Baidu Cloud API Keys.
- Bitrise Personal Access Token: Add a new detector for Bitrise Personal Access Token.
- Bitrise Workspace API Token: Add a new detector for Bitrise Workspace API Token.
- Canva Integration OAuth2: Add a new detector for Canva Integration OAuth 2.0.
- Cloudflare API Token: Add a new detector for Cloudflare API Token V2 with new token format.
- CockroachDB API Key: Add a new detector for CockroachDB API Key.
- Coder Session Token: Add a new detector for Coder Session Token.
- Datadog Application Key: Add a new detector for Datadog Application Key.
- ElevenLabs API Key: Add a new detector for ElevenLabs API Key.
- Hashicorp Consul ACL Token: Add a new detector for HashiCorp Consul ACL Token.
- MaxMind License Key: Add a new detector for MaxMind License Key.
- QQ Robot API Keys: Add a new detector for QQ Robot API Keys.
- Snyk Key: Add a new detector for Snyk Key V2.
- Volcengine API Key: Add a new detector for Volcengine API Key.
Detector Updates
- Azure Open AI API key: Update the
azure_open_ai_api_keydetector to support the new key format. - GitLab Token: Update GitLab checker to support fine-grained personal access tokens.
- Google Cloud Keys: The
googleclouddetector now uses less memory on files full of secrets. - Grafbase Access Token: Disabled checker for the
grafbase_access_token: the service has been discontinued. - PayPal Braintree Keys: Improve precision of PayPal Braintree Keys detector.
- Slack Bot Token: Some tokens that could have been wrongly reported as "Invalid" before are now reported as "Failed to check".
New Analyzers
- Azure AI Search Key: Add a new analyzer for Azure AI Search Key.
- Azure Open AI API key: Add analyzer for Azure Open AI API key.
Analyzer Updates
- Anthropic Admin Key: Only check workspace members endpoint accessibility.
- GitLab Token: Update GitLab analyzer to support fine-grained personal access tokens.
- PostgreSQL Credentials: The
postgresql_credentialssecret analyzer no longer fails on instances that do not supportORDER BYforARRAY_AGG.
