hammer_cli uses insecure file permissions. The file /etc/hammer/cli.modules.d/foreman.yml
is world-readable, which would allow a local user to access and read the file. The configuration file may contain confidential information such as usernames and passwords.