If you discover a security vulnerability in this repository, please report it privately via GitHub Security Advisories rather than opening a public issue.

These scripts are designed for RMM deployment. Never hardcode credentials directly into scripts.

1. Use RMM platform variables - Most RMM platforms support secure variable injection (e.g., $siteToken, $env:API_KEY)
2. Environment variables - Scripts fall back to environment variables when RMM injection isn't available
3. Review before deploying - Always audit scripts before running in production

This repository intentionally excludes:

• API keys, tokens, or passwords
• Customer data or internal URLs
• Private configuration files
• Environment-specific settings

All scripts in this repository:

• Avoid dangerous patterns like Invoke-Expression with remote content
• Include $ErrorActionPreference = 'Stop' for fail-fast behavior
• Document security considerations in their README headers
• Use exit codes for proper RMM status reporting