Listing secret not capturing as a risky rule

My RBAC (ServiceAccount,Role & RoleBinding) as follows, which has a role of listing secrets.

```
apiVersion: v1
kind: ServiceAccount
metadata:
  name: listsecrets
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: role-list-secrets
rules:
- apiGroups: ["*"]
  resources: ["secrets"]
  verbs: ["list"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rolebinding-list-secrets
subjects:
- kind: ServiceAccount
  name: listsecrets
  namespace: testing
roleRef:
  kind: Role
  name: role-list-secrets
  apiGroup: rbac.authorization.k8s.io
```

![image](https://user-images.githubusercontent.com/19322497/62681676-e0139e00-b9d7-11e9-851e-c71ebded87af.png)

But **kubiscan -rr** does not capturing/show as a risky rule.

![image](https://user-images.githubusercontent.com/19322497/62681647-ce31fb00-b9d7-11e9-9c93-c4ce6f859ee9.png)

Not sure what is the criteria of risky rule? 

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Listing secret not capturing as a risky rule #10

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Listing secret not capturing as a risky rule #10

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions