feat(detectors): added make.com api_token and mcp_token detectors #4347

Open
wants to merge 23 commits into
base: main

Jeff-Rowell
Contributor

Description:

Make.com is a low-code/no-code automation platform that allows users to connect apps and services typically to automate business workflows. I've added two new detectors for Make.com:

  1. api_token - authentication keys permitting access to a make.com API. The /users/me/current-authorization endpoint is used for validity checks. A 200 OK response code is returned iff the API key is valid and the correct FQDN/zone is used. The api_token detector attempts to match a Make.com API URL and tries to validate against the matched URLs first. If there are no API URLs found, or if the matched API URL(s) fail to validate, the api_token detector attempts validation using the /users/me/current-authorization endpoint for each of the known make.com zones until one of them succeeds or they all fail:
  2. mcp_token - a unique URL provided by Make.com that allows external AI systems to access automation workflows and tools in Make.com. Make.com provides a cloud-based MCP server that communicates via Server-Sent Events (SSE) and provides users a URL that contains an embedded MCP auth token using a pattern that looks like this: https://<MAKE_ZONE>/mcp/api/v1/u/<MCP_TOKEN>/sse. The detector finds these URLs and looks for a 200 OK response when calling them.

Checklist:

  • Tests passing (make test-community)?
  • Lint passing (make lint this requires golangci-lint)?
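
Added example, not code from this pull request: a sketch of the two behaviours the description outlines, extracting the zone and embedded token from an MCP URL of the form `https://<MAKE_ZONE>/mcp/api/v1/u/<MCP_TOKEN>/sse`, and trying matched hosts before fallback zones when verifying an API token. The token character class, the `zone1.make.com` style host names and the `check` callback (standing in for the HTTP request) are assumptions for illustration.

```go
package main

import (
	"fmt"
	"regexp"
)

// Assumption: the zone is a host under make.com and the token is a run of hex
// digits and dashes. The page gives only the URL shape, not the token format.
var mcpURL = regexp.MustCompile(`https://([a-z0-9.-]+\.make\.com)/mcp/api/v1/u/([0-9a-fA-F-]{16,})/sse`)

// Finding is one candidate MCP URL split into its zone and embedded token.
type Finding struct{ Zone, Token string }

// FindMCPTokens extracts de-duplicated zone/token pairs from scanned text.
func FindMCPTokens(data string) []Finding {
	seen := map[Finding]bool{}
	var out []Finding
	for _, m := range mcpURL.FindAllStringSubmatch(data, -1) {
		f := Finding{Zone: m[1], Token: m[2]}
		if !seen[f] {
			seen[f] = true
			out = append(out, f)
		}
	}
	return out
}

// VerifyAPIToken follows the order described for api_token: hosts matched near
// the token are tried first, then each fallback zone, stopping at the first
// host where check succeeds. check is a hypothetical stand-in for the call to
// /users/me/current-authorization returning 200 OK.
func VerifyAPIToken(token string, matched, fallback []string, check func(host, token string) bool) (string, bool) {
	tried := map[string]bool{}
	for _, host := range append(append([]string{}, matched...), fallback...) {
		if tried[host] {
			continue // never send the same token to one host twice
		}
		tried[host] = true
		if check(host, token) {
			return host, true
		}
	}
	return "", false
}

func main() {
	// Constructed sample input; the token is not a real credential.
	sample := "MCP_URL=https://zone1.make.com/mcp/api/v1/u/0f1e2d3c-4b5a-6978-8796-a5b4c3d2e1f0/sse"
	fmt.Println(FindMCPTokens(sample))
}
```

Because the callback receives the host, a test can record the exact order of verification attempts without any network access.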

@Jeff-Rowell Jeff-Rowell requested review from a team as code owners July 27, 2025 14:41
@amanfcp
Contributor

amanfcp commented Jul 28, 2025

Thank you @Jeff-Rowell for the contribution.
Please resolve the conflicts so that we can go ahead with the review.

jonathongardner and others added 6 commits July 28, 2025 18:32
* feat: add webexbot support

* build proto using make

* remove generic words

* added the secret scanner to the engine defaults

* remove keywords from regex and PR suggestions

* fixed pattern tests

* return err to set on results and remove duplicate keyword

---------

Co-authored-by: Shahzad Haider <[email protected]>
Co-authored-by: Shahzad Haider <[email protected]>
Co-authored-by: Kashif Khan <[email protected]>
…y#4261)

* add detector for tableau personal access token

* add test for tableau detector

* removed unnecessary checks

* add cloud endpoint for tableau

* cleanup: simplify map copying with maps.Copy

* resolve comments

* added correct detector type for tableau

* updated tableau PAT key and corrected integration tests

* resolved comments

* updated test cases

* resolved comments

* fixed integration tests

* removed redundant validation

* resolved false positive issue

* updated regex for pat-name

* resolved comments

* update regex for better token name extraction

* simplify prefix regex for tableau pat name

* merged main into origin/detector/tableau-personal-access-token

---------

Co-authored-by: Amaan Ullah <[email protected]>
@Jeff-Rowell
Contributor Author

Thank you @Jeff-Rowell for the contribution. Please resolve the conflicts so that we can go ahead with the review.

@amanfcp Thanks for taking a look. Merge conflicts have been resolved

@Jeff-Rowell
Contributor Author

@amanfcp Anything else needed from me here?

@amanfcp
Contributor

amanfcp commented Jul 31, 2025

@Jeff-Rowell We’re currently evaluating whether support for make.com aligns with our goals and provides enough value to justify ongoing maintenance.

Contributor

@kashifkhan0771 kashifkhan0771 left a comment

I've reviewed about half of the PR and left some feedback. Once those are addressed, I'll go ahead and review the rest.

@kashifkhan0771
Contributor

Thanks for the contribution @Jeff-Rowell ❤️

Jeff-Rowell and others added 4 commits August 8, 2025 08:09
- updated verifyMatch to prepend https:// and append /api/v2/
- updated keywords for api_token and mcp_token
- replaced FindAllString() instead of FindAllStringSubmatch()
- updated FromData to only return results if an endpoint is configured or found
- removed duplicate endpoint slice length validation and changed verifyMatch() argument type to be a string instead of a slice of strings
- added a trailing empty line in api_token_test.go to pass gofmt checks

Co-authored-by: Kashif Khan <[email protected]>
Co-authored-by: Jeff Rowell <[email protected]>
@Jeff-Rowell
Contributor Author

I've reviewed about half of the PR and left some feedback. Once those are addressed, I'll go ahead and review the rest.

@kashifkhan0771 Thanks for the review and recommendations. I believe I've got everything updated per your suggestions. Please take a look. Thank you 🙌


7 participants