- URLhausSource searches abuse.ch URLhaus API for malicious URLs with API keys
- Credentialless source (Enabled always true, no API key needed)
- Tag lookup with payload endpoint fallback
- ciLogKeyPattern used for content matching
- Tests with httptest mocks for happy path and empty results
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
