Thank you for your reply, priority has been changed to minor.
The one most concerning to me was that the running list of processes leaked the VPN IP address one of my dockers is connecting to.
The other things were a customized Unraid server name (should be switched to tower as part of the anonymization process IMO) as well as a few share names.
This is exactly the point of the report.
I don't love the answer of "Don't use quotes in your password" nonetheless I agree with jonathanm that some validation that rejects invalid passwords would be nice.