# tests (TypeScript) Security Rules

1 detection rules for tests framework in TypeScript

- Total rules: 1
- CWE coverage: 1

## LOW (1)

- **Security Issues in Test Files**: Detects security anti-patterns in test files that could leak into production.

While test files don't run in production, they can still pose security risks:
1. **Hard-coded credentials** - Test credentials committed to repos
2. **Real API keys** - Production keys used in tests
3. **Exposed secrets** - Secrets in test fixtures or mocks
4. **Insecure test patterns** - Patterns that might be copy-pasted to production

This rule helps maintain test hygiene and prevents credential leaks.