This rule checks whether the SecureString type is misused in the workflow. This string type is used when avoiding to store potentially sensitive strings as plain text. Read more about SecureString here.
The SecureString type should not be used for any purpose other than the intended one. The scope of such variables should be very limited, ideally in the same scope where they were created.
Updated 3 years ago