{
  "_comment": "敏感文件内容模式 (ask) — 由 block-sensitive-files.js 加载",
  "_version": "v3.9",
  "patterns": [
    {
      "regex": "(?:password|passwd|pwd)\\s*[:=]\\s*['\"][^'\"]{4,}",
      "flags": "i",
      "reason": "明文密码"
    },
    {
      "regex": "(?:secret[-_]?key|api[-_]?key|access[-_]?key)\\s*[:=]\\s*['\"][^'\"]{8,}",
      "flags": "i",
      "reason": "API 密钥"
    },
    {
      "regex": "-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----",
      "flags": "",
      "reason": "私钥内容"
    },
    {
      "regex": "AKIA[0-9A-Z]{16}",
      "flags": "",
      "reason": "AWS Access Key"
    },
    {
      "regex": "sk-[a-zA-Z0-9]{20,}",
      "flags": "",
      "reason": "OpenAI/Stripe 密钥"
    },
    {
      "regex": "ghp_[a-zA-Z0-9]{36}",
      "flags": "",
      "reason": "GitHub Personal Access Token"
    },
    {
      "regex": "glpat-[a-zA-Z0-9\\-_]{20,}",
      "flags": "",
      "reason": "GitLab Personal Access Token"
    },
    {
      "regex": "xoxb-[0-9]{10,}-[a-zA-Z0-9]+",
      "flags": "",
      "reason": "Slack Bot Token"
    },
    {
      "regex": "\"type\"\\s*:\\s*\"service_account\"",
      "flags": "",
      "reason": "GCP Service Account Key"
    },
    {
      "regex": "DefaultEndpointsProtocol=.*AccountKey=",
      "flags": "i",
      "reason": "Azure Storage 连接串"
    },
    {
      "regex": "eyJ[a-zA-Z0-9_-]+\\.eyJ[a-zA-Z0-9_-]+",
      "flags": "",
      "reason": "JWT Token"
    },
    {
      "regex": "\\d+\\.\\d+\\.\\d+\\.\\d+.*(?:password|passwd|pwd)\\s*[:=]\\s*\\S+",
      "flags": "i",
      "reason": "IP 地址 + 密码组合"
    }
  ]
}