[PR #3] added rule: PR# 3 - Test Rule - Phishing Link Detection

Author: github-actions[bot]

detection-rules/3_test_phishing_link.yml

@@ -0,0 +1,19 @@
+name: "PR# 3 - Test Rule - Phishing Link Detection"
+description: "A second test rule for workflow validation"
+type: rule
+severity: high
+source: |
+  type.inbound
+  and any(body.links,
+          .href_url.domain.root_domain in ("bit.ly", "tinyurl.com")
+          and .href_url.domain.domain != sender.email.domain.domain
+  )
+tags:
+  - "test"
+  - "phishing"
+  - pr_author_aidenmitchell
+  - created_from_open_prs
+  - rule_status_added
+id: "4ba8b0a2-253b-50f2-bebb-899d421fe0c1"
+references:
+  - https://github.com/aidenmitchell/sublime-rules/pull/3