Custom Vulnerability Checks

Anyone worked with custom vulnerability checks? I’m building one for default account for HTTP/HTTPS. It install and runs correctly. I know the credentials work on a particular device but when I scan it the scan logs and report say not vulnerable. What options are there for configuring the rhelm setting?