← all rules
secret/slack-token
Slack Token
What it detects
Slack bot, user, or workspace token (xoxb/xoxp/xoxa/xoxr/xoxs).
How it runs
Run against every text file in the repo (with a binary-content filter and a `.repoguardignore` filter for fixtures). The matched value is masked before being persisted.
Found a false positive or want this rule tuned? File an issue. You can also suppress per-repo via a .repoguardignore line.