Good point. FWIW, there is the “supout.rif Viewer” section on https://mikrotik.com/client/supout (under Account, after login in free account), which shows the contents of supout.rif that you upload. So any password/keys/“secrets” stored in variables/script are in the supout.rif since it has an “export” (which does not show RouterOS “sensitive” attributes, as noted…but export has no idea what’s sensitive in scripts…)