Credential Detection

The detection engine scans text for 47 credential patterns across AI providers, cloud platforms, SaaS services, and infrastructure tools. Each detection includes a confidence score.

Functions

`detectCredentials(text)`

Scan a string for credentials. Returns all matches with position, type, confidence, and the matched pattern name. Returns: DetectionResult[]

import { detectCredentials } from '@id-wispera/core';

const results = detectCredentials(fs.readFileSync('.env', 'utf8'));
results.forEach(r => {
  console.log(`${r.name}: ${r.type} (confidence: ${r.confidence})`);
});

`classifyCredential(value)`

Classify a single credential string by matching it against known patterns. Returns the highest-confidence credential type. Returns: CredentialType

`mightContainCredentials(text)`

Fast pre-check using 11 lightweight patterns. Use before detectCredentials() to skip files that clearly contain no credentials. Returns: boolean

`maskCredentialsInText(text)`

Replace all detected credentials in a string with masked versions. Useful for safe logging. Returns: string

`getDetectionStats(results)`

Summarize detection results: total count, breakdown by type, high-confidence count, average confidence.

Supported Patterns (47)

Category	Patterns
AI Providers	OpenAI (4 variants), Anthropic, Google, Azure
Cloud	AWS Access Key, AWS Secret, Google Cloud
Code Platforms	GitHub (5 variants), npm, PyPI
Communication	Slack (3 variants), Discord (2 variants), Twilio
Payment	Stripe (3 variants)
Email	SendGrid, Mailgun
Auth Tokens	JWT, Bearer Token
Secrets	Private Keys (RSA, EC, OpenSSH, generic)
Connection Strings	MongoDB, PostgreSQL, MySQL, Redis
OpenClaw	Gateway Token, Telegram Bot, OpenRouter, WhatsApp JID
Generic	API Key, Secret

SDK Reference

​Credential Detection

​Functions

​detectCredentials(text)

​classifyCredential(value)

​mightContainCredentials(text)

​maskCredentialsInText(text)

​getDetectionStats(results)

​Supported Patterns (47)