sensitive-file/backup

Backup file

mediumSensitive filesensitive-file

What it detects

Backup file (.bak/.backup/.old). Often a snapshot of production state including secrets.

Review contents; if sensitive, remove and rotate.

Path / basename / content-header match. No content body is stored — only the path.

Found a false positive or want this rule tuned? File an issue. You can also suppress per-repo via a .repoguardignore line.