provision-nixos-server

[Skill Scanner] Remote file transfer via SSH/SCP/SFTP/rsync detected All findings: [HIGH] data_exfiltration: Remote file transfer via SSH/SCP/SFTP/rsync detected (NW001) [AITech 8.2.3] [HIGH] data_exfiltration: Remote file transfer via SSH/SCP/SFTP/rsync detected (NW001) [AITech 8.2.3] [HIGH] data_exfiltration: Remote file transfer via SSH/SCP/SFTP/rsync detected (NW001) [AITech 8.2.3] [HIGH] data_exfiltration: Remote file transfer via SSH/SCP/SFTP/rsync detected (NW001) [AITech 8.2.3] This is an operational provisioning guide that aligns with its stated purpose. I found no code or instructions that are inherently malicious (no obfuscated payloads, no external unknown endpoints, no download-and-execute patterns). However, there are clear security risks in the recommended workflow: (1) copying a private 'infrastructure' key to the new host via scp, (2) fetching a GitHub user's public keys directly into authorized_keys without integrity verification, and (3) running initial provisioning as root. These actions are plausible for provisioning but increase credential exposure and attack surface. Treat the guide as high-risk operationally and apply mitigations (use public keys only, avoid transferring private keys, rotate/remove keys after use, prefer least-privilege deployment flows).