Too Long; Didn't Read
Detecting secrets in source code is like finding needles in a haystack: there are a lot more sticks than there are needles, and you don’t know how many needles might be in the haystack. The accuracy metric is not relevant in the context of secrets detection. Precision and recall instead evaluate an algorithm against its primary objective. The challenge lies in combining the two: balancing them so that the highest number of secrets is captured without raising too many false alerts.
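The trade-off above, worked through as an added example (not code from the original article): a Shannon-entropy threshold stands in for the detector, and the 100-token corpus is constructed, with 95 non-secrets and 5 secrets. The names `KEY`, `CORPUS` and `evaluate` are illustrative assumptions.

```python
import math
from collections import Counter

def shannon_entropy(token: str) -> float:
    """Bits per character; a common heuristic score for 'looks random'."""
    counts = Counter(token)
    n = len(token)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

# Constructed corpus (not real credentials): 95 "sticks" and 5 "needles".
KEY = "q7Zx2LmP9vKc4RtY8wNb3HsJ6dFg5AeU"  # 32 distinct characters
CORPUS = (
    [("self", False)] * 40
    + [("value", False)] * 30
    + [("import", False)] * 20
    + [("0123456789abcdef", False)] * 5   # hash-like fixture, not a secret
    + [(KEY, True), (KEY[::-1], True), (KEY[8:] + KEY[:8], True)]
    + [("hunter2hunter2", True)] * 2      # low-entropy password, still a secret
)

def evaluate(threshold: float) -> dict:
    """Flag every token whose entropy is >= threshold and score the result."""
    tp = fp = fn = tn = 0
    for token, is_secret in CORPUS:
        flagged = shannon_entropy(token) >= threshold
        if flagged and is_secret:
            tp += 1
        elif flagged:
            fp += 1
        elif is_secret:
            fn += 1
        else:
            tn += 1
    return {
        "tp": tp, "fp": fp, "fn": fn, "tn": tn,
        "accuracy": (tp + tn) / len(CORPUS),
        # Precision is undefined when nothing is flagged; report 0.0 here.
        "precision": tp / (tp + fp) if tp + fp else 0.0,
        "recall": tp / (tp + fn) if tp + fn else 0.0,
    }

if __name__ == "__main__":
    for label, t in [("never flag", math.inf), ("strict", 4.5),
                     ("medium", 3.5), ("loose", 2.5)]:
        m = evaluate(t)
        print(f"{label:10} acc={m['accuracy']:.2f} "
              f"prec={m['precision']:.2f} rec={m['recall']:.2f}")
```

On this corpus, accuracy ranks the detector that flags nothing above the loose one that finds every secret, which is why precision and recall are the figures to tune against each other.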