The TwitterConsumerKey detector has outdated regex sizes and char sets. In particular, the secret needs to include - (perhaps other chars) and the key needs to have a larger range (I generated a key with 34 chars). The detector still works and detects creds generated in the past, but if you generate new consumer creds, the keys and secrets aren't always being detected.