Scripts deployed with Jamf Pro should contain only publicly disclosable information. It is recommended that you remove all key material or confidential information from your scripts, especially credentials for authentication of any kind.
If key material or confidential information is required to run a script, pass that information as a parameter using a policy or Casper Remote. Using parameters to pass sensitive information ensures that the values stored in them are only available at runtime and not stored anywhere they can be accessed.
For more information on using parameters with scripts, see Script Parameters.
Jamf would like to hear your feedback around Restrictions payload (computers and devices)