I Understand, but why was the last secret detected without using security hotspots? Does connected mode offer the advantage that all secrets get detected? That’s my question.
This is a pretty crude rule with a hard-coded list of variable names. There are a lot of false positives, and typically these require review.
On the other hand, this example is definitely an issue, not on the variable name but actually the pattern of the secret itself. This is a clear security issue (not a “maybe” security issue), and is raised by Amazon Web Services credentials should not be disclosed