I'm no expert at the SNMP protocol and I've failed to find anything in the protocol RFC documentation regarding the tolerance of hyphens in the SNMP community string. It appears to be a double standard where some devices such as Cisco support it while others do not such as HP and NetApp.
Is there any documentation regarding this or reasoning behind the double standard?
I'm pretty sure there's no official word on why, though going through the different vendors' different implementations of the standard might yield clues. To make matters worse, it's even version dependent for some vendors (as in this VMWare KB, where support for the hyphen was added in an update/patch).
You could always search for a list of allowed or prohibited characters in a community string, but that will be different for different vendors too (Cisco uses @ for SNMP indexing, though some of their devices will allow it anyway).
The best idea is to just not use special characters in an SNMP community string, as the value is passed in plaintext anyway, so you don't add any appreciable measure of security by making a plaintext-transmitted value more difficult to guess. It doesn't need to be guessed; it can simply be read.
Rely on a good password to protect your SNMP community strings, not on a complex community string. And the same advice applies to much more broadly than just SNMP - usernames don't supply security to an account, passwords do.
