Reduce false positives on legitimate HTTP clients

## Bounty: Reduce false positives on legitimate HTTP clients

**Reward:** 500 $ISNAD
**Track:** Detection
**Difficulty:** Medium

### Description
Improve detection accuracy by reducing false positives triggered by legitimate HTTP client libraries (axios, node-fetch, requests, urllib3). Current rules sometimes flag normal API usage patterns.

### Requirements
- [ ] Audit current rules for HTTP client false positives
- [ ] Create allowlist patterns for common legitimate usage
- [ ] Add context-aware detection (distinguish data exfil from normal requests)
- [ ] Benchmark against top 500 npm and PyPI packages
- [ ] Maintain detection rate for actual malicious HTTP usage
- [ ] Tests passing

### How to Submit
Open a PR referencing this issue. See [Bounty Program](https://isnad.md/bounties) for full rules.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Reduce false positives on legitimate HTTP clients #2

Bounty: Reduce false positives on legitimate HTTP clients

Description

Requirements

How to Submit

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Reduce false positives on legitimate HTTP clients #2

Description

Bounty: Reduce false positives on legitimate HTTP clients

Description

Requirements

How to Submit

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions