Groq API Key

Detects Groq (GroqCloud) API keys, which use a distinctive gsk_ prefix followed by a long alphanumeric body. A leaked key grants unauthorized, billed access to Groq's hosted inference API and any prompts or data routed through it.

Type
regex
Engine
universal
Confidence
high
Confidence justification
High confidence: the gsk_ prefix is distinctive and independently confirmed by GitGuardian's detector spec (Prefixed: True), Groq's own GitHub secret-scanning partner entry, and third-party secret-scanning prefix research, so false positives on the prefix alone are extremely unlikely even though the exact body length is not formally documented.
Jurisdictions
global
Regulations
Criminal Code Act 1995 (Cth)
Frameworks
CIS Controls, ISO 27001, NIST CSF, SOC 2
Data categories
credentials, security
Scope
narrow
Risk rating
9
Platform compatibility
Purview: Compatible, GCP DLP: Unsupported, Macie: Unsupported, Zscaler: Compatible, Palo Alto: Unsupported, Netskope: Unsupported

Pattern

(?<![A-Za-z0-9_-])gsk_[A-Za-z0-9]{20,100}(?![A-Za-z0-9_-])

Corroborative evidence keywords

groq, groqcloud, console.groq.com, GROQ_API_KEY, api key, api_key, apikey, access key, access token, auth token, authorization, bearer, conn str, connection string, connectionstring, cookie, credential, database, host, [object Object] (+37 more)

Proximity: 300 characters

Should match

Should not match

Known false positives

References