Hi,
When exporting endpoints, or tasks with endpoints, please check whether the password starts with "lookup::" and if so, decrypt the password and export it as open text.
To make the solution more secure, an additional repctl.cfg option could be devised to enable such an export in the first place.
Thanks.