Missing User Warnings
Medium
- Confidence
- 92% confidence
- Finding
- The manual configuration example explicitly sets `verify_ssl: false`, which normalizes disabling TLS certificate verification at the point where users are likely to copy-paste settings. In a tool that can manage Docker/Portainer hosts and perform guarded writes, this exposes users to man-in-the-middle attacks, credential interception, and unauthorized host operations if the connection is tampered with.
