- New module: modules/nixos/security/ai-worker-restricted.nix
- Bind mount for infra repo access (RW)
- Whitelisted sudo commands: nh, nixos-rebuild, nixpkgs-fmt, nix
- Audit logging for infra changes
- Documentation in README-ai-worker.md
- Updated users/ai-worker.nix:
- Enable services.aiWorkerAccess
- Lock password (SSH key only)
- Security documentation comments
- Updated flake.nix:
- Include new security module
SECURITY: AI must ask for user confirmation before running nh os switch
