jfrog · eranturgeman · Dec 21, 2025 · Dec 22, 2025
diff --git a/testdata/messages/reviewcomment/secrets/secret_review_content_simplified.md b/testdata/messages/reviewcomment/secrets/secret_review_content_simplified.md
@@ -4,9 +4,9 @@
 ## 🤫 Secret Vulnerability
 
 ---
-| Severity                | Status                  | Origin                  | Finding                  |
-| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
-| High | Active | JFrog | Secret keys were found |
+| Severity                | Token Validation                  | Token Info                  | Origin                  | Finding                  |
+| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
+| High | Active | The token was validated and found to be active. This indicates that the secret is currently in use. | JFrog | Secret keys were found |
 
 
 ---

diff --git a/testdata/messages/reviewcomment/secrets/secret_review_content_standard.md b/testdata/messages/reviewcomment/secrets/secret_review_content_standard.md
@@ -2,9 +2,9 @@
 ## 🤫 Secret Vulnerability
 <div align='center'>
 
-| Severity                | Status                  | Origin                  | Finding                  |
-| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
-| ![high](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/applicableHighSeverity.png)<br>    High | Active | JFrog | Secret keys were found |
+| Severity                | Token Validation                  | Token Info                  | Origin                  | Finding                  |
+| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
+| ![high](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/applicableHighSeverity.png)<br>    High | Active | The token was validated and found to be active. This indicates that the secret is currently in use. | JFrog | Secret keys were found |
 
 </div>
 

diff --git a/...ta/messages/reviewcomment/secrets/secret_violation_review_content_simplified.md b/...ta/messages/reviewcomment/secrets/secret_violation_review_content_simplified.md
@@ -4,10 +4,10 @@
 ## 🤫 Secret Violation
 
 ---
-| Severity                | ID                  | Status                  | Origin                  | Finding                  | Watch Name                  | Policies                  |
-| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
-| High | secret-violation-id | Active | JFrog | Secret keys were found | jas-watch | policy1 |
-| Critical | secret-violation-id-2 | Inactive | JFrog | Secret keys were found | jas-watch2 | policy1, policy2 |
+| Severity                | ID                  | Token Validation                  | Token Info                  | Origin                  | Finding                  | Watch Name                  | Policies                  |
+| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
+| High | secret-violation-id | Active | The token was validated and found to be active. This indicates that the secret is currently in use. | JFrog | Secret keys were found | jas-watch | policy1 |
+| Critical | secret-violation-id-2 | Inactive | The token was validated and found to be inactive. This indicates that the secret is no longer in use. | JFrog | Secret keys were found | jas-watch2 | policy1, policy2 |
 
 
 ---

diff --git a/...data/messages/reviewcomment/secrets/secret_violation_review_content_standard.md b/...data/messages/reviewcomment/secrets/secret_violation_review_content_standard.md
@@ -2,10 +2,10 @@
 ## 🤫 Secret Violation
 <div align='center'>
 
-| Severity                | ID                  | Status                  | Origin                  | Finding                  | Watch Name                  | Policies                  |
-| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
-| ![high](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/applicableHighSeverity.png)<br>    High | secret-violation-id | Active | JFrog | Secret keys were found | jas-watch | policy1 |
-| ![critical (not applicable)](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/notApplicableCritical.png)<br>Critical | secret-violation-id-2 | Inactive | JFrog | Secret keys were found | jas-watch2 | policy1<br>policy2 |
+| Severity                | ID                  | Token Validation                  | Token Info                  | Origin                  | Finding                  | Watch Name                  | Policies                  |
+| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
+| ![high](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/applicableHighSeverity.png)<br>    High | secret-violation-id | Active | The token was validated and found to be active. This indicates that the secret is currently in use. | JFrog | Secret keys were found | jas-watch | policy1 |
+| ![critical (not applicable)](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/notApplicableCritical.png)<br>Critical | secret-violation-id-2 | Inactive | The token was validated and found to be inactive. This indicates that the secret is no longer in use. | JFrog | Secret keys were found | jas-watch2 | policy1<br>policy2 |
 
 </div>
 

diff --git a/utils/outputwriter/outputcontent.go b/utils/outputwriter/outputcontent.go
@@ -524,28 +524,30 @@ func SecretReviewContent(violation bool, writer OutputWriter, issues ...formats.
 
 func getSecretsDescriptionTable(writer OutputWriter, issues ...formats.SourceCodeRow) string {
 	// Construct table
-	table := NewMarkdownTable("Severity", "ID", "Status", "Origin", "Finding", "Watch Name", "Policies").SetDelimiter(writer.Separator())
+	table := NewMarkdownTable("Severity", "ID", "Token Validation", "Token Info", "Origin", "Finding", "Watch Name", "Policies").SetDelimiter(writer.Separator())
 	// Hide optional columns if all empty (violations/no status)
 	table.GetColumnInfo("ID").OmitEmpty = true
-	table.GetColumnInfo("Status").OmitEmpty = true
+	table.GetColumnInfo("Token Validation").OmitEmpty = true
+	table.GetColumnInfo("Token Info").OmitEmpty = true
 	table.GetColumnInfo("Watch Name").OmitEmpty = true
 	table.GetColumnInfo("Policies").OmitEmpty = true
 	// Construct rows
 	for _, issue := range issues {
-		// Determine the issue applicable status
 		applicability := jasutils.Applicable.String()
-		status := ""
+		tokenValidationStatus := ""
+		tokenValidationInfo := ""
 		if issue.Applicability != nil && issue.Applicability.Status != "" {
-			status = issue.Applicability.Status
-			if status == jasutils.Inactive.String() {
-				// Update the applicability status to Not Applicable for Inactive
+			tokenValidationStatus = issue.Applicability.Status
+			if tokenValidationStatus == jasutils.Inactive.String() {
 				applicability = jasutils.NotApplicable.String()
 			}
+			tokenValidationInfo = issue.Applicability.ScannerDescription
 		}
 		table.AddRowWithCellData(
 			NewCellData(writer.FormattedSeverity(issue.Severity, applicability)),
 			NewCellData(issue.IssueId),
-			NewCellData(status),
+			NewCellData(tokenValidationStatus),
+			NewCellData(tokenValidationInfo),
 			NewCellData(issue.ScannerInfo.Origin),
 			NewCellData(issue.Finding),
 			NewCellData(issue.Watch),

diff --git a/utils/outputwriter/outputcontent_test.go b/utils/outputwriter/outputcontent_test.go
@@ -882,11 +882,14 @@ func TestSecretsReviewContent(t *testing.T) {
 			},
 		},
 		{
-			name: "Secret review comment content with applicability status",
+			name: "Secret review comment content with applicability status and info",
 			issues: []formats.SourceCodeRow{{
 				SeverityDetails: formats.SeverityDetails{Severity: "High"},
-				Applicability:   &formats.Applicability{Status: jasutils.Active.String()},
-				Finding:         "Secret keys were found",
+				Applicability: &formats.Applicability{
+					Status:             jasutils.Active.String(),
+					ScannerDescription: "The token was validated and found to be active. This indicates that the secret is currently in use.",
+				},
+				Finding: "Secret keys were found",
 				ScannerInfo: formats.ScannerInfo{
 					RuleId:                  "rule-id",
 					Cwe:                     []string{"CWE-798", "CWE-799"},
@@ -909,12 +912,15 @@ func TestSecretsReviewContent(t *testing.T) {
 			},
 		},
 		{
-			name: "Secrets violation review comment content with applicability status",
+			name: "Secrets violation review comment content with applicability status and info",
 			issues: []formats.SourceCodeRow{
 				{
 					SeverityDetails: formats.SeverityDetails{Severity: "High"},
-					Applicability:   &formats.Applicability{Status: jasutils.Active.String()},
-					Finding:         "Secret keys were found",
+					Applicability: &formats.Applicability{
+						Status:             jasutils.Active.String(),
+						ScannerDescription: "The token was validated and found to be active. This indicates that the secret is currently in use.",
+					},
+					Finding: "Secret keys were found",
 					ScannerInfo: formats.ScannerInfo{
 						RuleId:                  "rule-id",
 						Cwe:                     []string{"CWE-798", "CWE-799"},
@@ -930,8 +936,11 @@ func TestSecretsReviewContent(t *testing.T) {
 				},
 				{
 					SeverityDetails: formats.SeverityDetails{Severity: "Critical"},
-					Applicability:   &formats.Applicability{Status: jasutils.Inactive.String()},
-					Finding:         "Secret keys were found",
+					Applicability: &formats.Applicability{
+						Status:             jasutils.Inactive.String(),
+						ScannerDescription: "The token was validated and found to be inactive. This indicates that the secret is no longer in use.",
+					},
+					Finding: "Secret keys were found",
 					ScannerInfo: formats.ScannerInfo{
 						RuleId:                  "rule-id",
 						Cwe:                     []string{"CWE-798", "CWE-799"},