Update Secret Detection scan to find GitLab Personal Access Tokens and Project Access Tokens
### Problem to solve
Our ~"Category:Secret Detection" does not currently detect our own [Personal Access Tokens](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html) and Project Access Tokens. We should update secret detection jobs to find them and potentially revoke.
### Proposal
1. Add regex for detecting GitLab Personal Access Tokens
1. (Potentially) auto-revoke tokens, see [programmatically revoking tokens](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html#programmatically-revoking-a-personal-access-token)
#### Further Details
The format is not very unique for personal access tokens, so we must either use lookaround or we should consider a post-analyze step similar to https://gitlab.com/gitlab-org/secure/vulnerability-research/awesomesauce/-/issues/11 to verify secrets.
### Documentation
Update ~"Category:Secret Detection" docs to include GitLab tokens
### What is the type of buyer?
All GitLab users leveraging Secret Detection
### Links / references
issue