diff --git a/pkg/auth/auth.go b/pkg/auth/auth.go
index 742046391..52e3aaf3d 100644
--- a/pkg/auth/auth.go
+++ b/pkg/auth/auth.go
@@ -201,7 +201,7 @@ func (c *Credentials) execScript(cmdPath string, kind string, timeout string, e
 		return response, nil
 	}
 
-	// If JSON parsing fails or the data is empty,
+	// If YAML parsing fails or the data is empty,
 	// assume the output is the data (password or certificate) in plain text for backward compatibility.
 	response.Data = strings.TrimSpace(stdout.String())
 	return response, nil
diff --git a/pkg/auth/auth_test.go b/pkg/auth/auth_test.go
index 4edb7be65..503e4bccb 100644
--- a/pkg/auth/auth_test.go
+++ b/pkg/auth/auth_test.go
@@ -477,7 +477,7 @@ Pollers:
 			pollerName: "test",
 			want: PollerAuth{
 				Username:            "username", // Fallback to the username provided in the poller configuration
-				Password:            "script-password",
+				Password:            "password #\"`!@#$%^&*()-=[]|:'<>/ password",
 				HasCredentialScript: true,
 			},
 			yaml: `
@@ -520,6 +520,24 @@ Pollers:
     addr: a.b.c
     credentials_script:
       path: testdata/get_password_plain
+`,
+		},
+
+		{
+			name:       "credentials_script returns username and password in YAML via Heredoc",
+			pollerName: "test",
+			want: PollerAuth{
+				Username:            "myuser",
+				Password:            "my # password",
+				HasCredentialScript: true,
+			},
+			yaml: `
+Pollers:
+  test:
+    addr: a.b.c
+    username: username
+    credentials_script:
+      path: testdata/get_credentials_yaml_heredoc
 `,
 		},
 	}
diff --git a/pkg/auth/testdata/get_credentials_yaml b/pkg/auth/testdata/get_credentials_yaml
index 12689e777..0fa698a04 100755
--- a/pkg/auth/testdata/get_credentials_yaml
+++ b/pkg/auth/testdata/get_credentials_yaml
@@ -1,4 +1,4 @@
 #!/bin/bash
 # Used by pkg/auth/auth_test.go
-echo "username: script-username"
-echo "password: script-password"
\ No newline at end of file
+echo 'username: script-username'
+echo 'password: script-password'
\ No newline at end of file
diff --git a/pkg/auth/testdata/get_credentials_yaml_heredoc b/pkg/auth/testdata/get_credentials_yaml_heredoc
new file mode 100755
index 000000000..8f248efe8
--- /dev/null
+++ b/pkg/auth/testdata/get_credentials_yaml_heredoc
@@ -0,0 +1,6 @@
+#!/bin/bash
+# Used by pkg/auth/auth_test.go
+cat << EOF
+username: myuser
+password: "my # password"
+EOF
diff --git a/pkg/auth/testdata/get_credentials_yaml_password b/pkg/auth/testdata/get_credentials_yaml_password
index 681f6188f..ec40565fe 100755
--- a/pkg/auth/testdata/get_credentials_yaml_password
+++ b/pkg/auth/testdata/get_credentials_yaml_password
@@ -1,3 +1,6 @@
 #!/bin/bash
 # Used by pkg/auth/auth_test.go
-echo "password: script-password"
\ No newline at end of file
+# Single quotes are used to avoid escaping special characters
+# Single quotes can not contain single quotes, so we use '\'' to close
+# the single quote, add a single quote, and then open the single quote again
+echo 'password: "password #\"`!@#$%^&*()-=[]|:'\''<>/ password"'
\ No newline at end of file
diff --git a/pkg/auth/testdata/get_password_plain b/pkg/auth/testdata/get_password_plain
index d4a2fabfd..2c9fe87ba 100755
--- a/pkg/auth/testdata/get_password_plain
+++ b/pkg/auth/testdata/get_password_plain
@@ -1,3 +1,3 @@
 #!/bin/bash
 # Used by pkg/auth/auth_test.go
-echo "plain-text-password"
\ No newline at end of file
+echo 'plain-text-password'
\ No newline at end of file