Hello,
Gixy is a tool to check the problem of security in nginx config. I have made a test on my yunohost server. I found only some issue about some app. I think it could be good to integrate this tools to check the security level for all app. Maybe in package check 
What do you think ?
Yes, that’s sound like a good idea.
Just we you should try it.
in my case, i had a warning
Problem: [http_splitting] Possible HTTP-Splitting vulnerability.
Description: Using variables that can contain “\n” may lead to http injection.
in nextcloud.conf
I replaced $uri by $request_uri in the redirection and i have no more error… and redirection still works… A PR seem to handle this on nextcloud_ynh git : Possible HTTP-Splitting vulnerability by ZeJMaN · Pull Request #33 · YunoHost-Apps/nextcloud_ynh · GitHub