diff --git a/view_maturity_results.sh b/view_maturity_results.sh
index 5f60ad0..2f0d154 100755
--- a/view_maturity_results.sh
+++ b/view_maturity_results.sh
@@ -1,5 +1,21 @@
 #!/bin/bash
 # Norda Biznes - Quick View Scripts for Digital Maturity Results
+#
+# SECURITY NOTE: This script requires PGPASSWORD environment variable to be set
+# Usage:
+#   export PGPASSWORD='your_database_password'
+#   ./view_maturity_results.sh
+#
+# NEVER hardcode passwords in scripts (CWE-798: Use of Hard-coded Credentials)
+
+# Check if PGPASSWORD is set
+if [ -z "$PGPASSWORD" ]; then
+    echo "ERROR: PGPASSWORD environment variable is not set"
+    echo "Please set it before running this script:"
+    echo "  export PGPASSWORD='your_database_password'"
+    echo "  ./view_maturity_results.sh"
+    exit 1
+fi
 
 echo "====================================="
 echo "NORDA BIZNES - DIGITAL MATURITY"
@@ -8,7 +24,7 @@ echo ""
 
 # 1. Top 10 firms
 echo "🏆 TOP 10 NAJLEPSZYCH FIRM:"
-ssh root@10.22.68.249 "PGPASSWORD='NordaBiz2025Secure' psql -h localhost -U nordabiz_app -d nordabiz -c \"
+ssh root@10.22.68.249 "PGPASSWORD=\"$PGPASSWORD\" psql -h localhost -U nordabiz_app -d nordabiz -c \"
 SELECT
     c.name,
     cdm.overall_score,
@@ -23,7 +39,7 @@ LIMIT 10;
 
 echo ""
 echo "💰 TOP 10 SZANS SPRZEDAŻOWYCH:"
-ssh root@10.22.68.249 "PGPASSWORD='NordaBiz2025Secure' psql -h localhost -U nordabiz_app -d nordabiz -c \"
+ssh root@10.22.68.249 "PGPASSWORD=\"$PGPASSWORD\" psql -h localhost -U nordabiz_app -d nordabiz -c \"
 SELECT
     c.name,
     cdm.sales_readiness,
@@ -40,7 +56,7 @@ LIMIT 10;
 
 echo ""
 echo "📊 STATYSTYKI OGÓLNE:"
-ssh root@10.22.68.249 "PGPASSWORD='NordaBiz2025Secure' psql -h localhost -U nordabiz_app -d nordabiz -c \"
+ssh root@10.22.68.249 "PGPASSWORD=\"$PGPASSWORD\" psql -h localhost -U nordabiz_app -d nordabiz -c \"
 SELECT
     COUNT(*) as total_analyzed,
     ROUND(AVG(overall_score), 1) as avg_score,