diff --git a/rules/S7155/metadata.json b/rules/S7155/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S7155/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7155/secrets/metadata.json b/rules/S7155/secrets/metadata.json
new file mode 100644
index 00000000000..903c4c89bab
--- /dev/null
+++ b/rules/S7155/secrets/metadata.json
@@ -0,0 +1,56 @@
+{
+  "title": "CircleCI API tokens should not be disclosed",
+  "type": "VULNERABILITY",
+  "code": {
+    "impacts": {
+      "SECURITY": "HIGH"
+    },
+    "attribute": "TRUSTWORTHY"
+  },
+  "status": "ready",
+  "remediation": {
+    "func": "Constant\/Issue",
+    "constantCost": "30min"
+  },
+  "tags": [
+    "cwe",
+    "cert"
+  ],
+  "defaultSeverity": "Blocker",
+  "ruleSpecification": "RSPEC-7155",
+  "sqKey": "S7155",
+  "scope": "All",
+  "securityStandards": {
+    "CWE": [
+      798,
+      259
+    ],
+    "OWASP": [
+      "A3"
+    ],
+    "CERT": [
+      "MSC03-J."
+    ],
+    "OWASP Top 10 2021": [
+      "A7"
+    ],
+    "PCI DSS 3.2": [
+      "6.5.10"
+    ],
+    "PCI DSS 4.0": [
+      "6.2.4"
+    ],
+    "ASVS 4.0": [
+      "2.10.4",
+      "3.5.2",
+      "6.4.1"
+    ],
+    "STIG ASD_V5R3": [
+      "V-222642"
+    ]
+  },
+  "defaultQualityProfiles": [
+    "Sonar way"
+  ],
+  "quickfix": "unknown"
+}
diff --git a/rules/S7155/secrets/rule.adoc b/rules/S7155/secrets/rule.adoc
new file mode 100644
index 00000000000..7d513d8b1b0
--- /dev/null
+++ b/rules/S7155/secrets/rule.adoc
@@ -0,0 +1,52 @@
+
+include::../../../shared_content/secrets/description.adoc[]
+
+If attackers gain access to a CircleCI API token, they might be able to modify projects and jobs running on the CircleCI platform.
+
+== Why is this an issue?
+
+include::../../../shared_content/secrets/rationale.adoc[]
+
+=== What is the potential impact?
+
+The exact impact of compromising a CircleCI API token varies depending on the permissions granted and its type (personal or project token). It can range from loss of sensitive data and source code to severe supply chain attacks.
+
+Below are some real-world scenarios that illustrate some impacts of an attacker
+exploiting the secret.
+
+include::../../../shared_content/secrets/impact/source_code_compromise.adoc[]
+
+include::../../../shared_content/secrets/impact/supply_chain_attack.adoc[]
+
+== How to fix it
+
+include::../../../shared_content/secrets/fix/revoke.adoc[]
+
+include::../../../shared_content/secrets/fix/vault.adoc[]
+
+=== Code examples
+
+:example_secret: CCIPAT_FERZRjTN451xnDCy1y9gWn_79fb6ca4d0e5f833612eee17de397a9dca0a9e9f
+:example_name: cci-api-token
+:example_env: CCI_API_TOKEN
+
+include::../../../shared_content/secrets/examples.adoc[]
+
+//=== How does this work?
+
+//=== Pitfalls
+
+=== Going the extra mile
+
+include::../../../shared_content/secrets/extra_mile/permissions_scope.adoc[]
+
+== Resources
+
+=== Documentation
+
+* CircleCI Docs - https://circleci.com/docs/managing-api-tokens/[Managing API Tokens]
+* CircleCI Docs - https://circleci.com/docs/api-developers-guide/[CircleCI API developer’s guide]
+
+include::../../../shared_content/secrets/resources/standards.adoc[]
+
+//=== Benchmarks