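{ pkgs, keys, ... }:
# NixOS module: a dedicated account an AI agent uses over SSH to drive
# deployments of this host. `inputs` and `config` were declared but never
# used, so they are dropped; `...` keeps the signature compatible with the
# module system's argument set.
{
  users.users.ai-worker = {
    isSystemUser = true;
    group = "ai-worker";
    home = "/home/ai-worker";
    createHome = true;
    shell = pkgs.bashInteractive;

    # SECURITY: membership in `docker` is root-equivalent on a host running
    # the Docker daemon -- a member can start a container that mounts the
    # host's root filesystem and runs as root inside it. Any restriction
    # applied elsewhere (bind mounts, sudo rules, audit logging) does not
    # constrain this path. Keep it only if the agent genuinely needs the
    # Docker socket; otherwise prefer rootless Docker or a socket proxy with
    # an allow-list.
    extraGroups = [ "docker" ];

    # Authentication is by SSH key only. `"!"` is a locked hash: no password
    # is accepted for this account, by sshd, login or su.
    openssh.authorizedKeys.keys = [ keys.users.ai-worker.main ];
    hashedPassword = "!";
  };
  users.groups.ai-worker = { };

  # Custom option implemented in another module of this configuration, not
  # here. The original notes say it grants passwordless sudo for nh,
  # nixos-rebuild, nixpkgs-fmt and nix, exposes /home/gortium/infra as
  # /home/ai-worker/infra, and audit-logs changes under infra/ -- confirm that
  # against the module that defines it before relying on any of those claims.
  #
  # SECURITY: passwordless `sudo nix` / `sudo nixos-rebuild` is itself
  # root-equivalent (a rebuild can rewrite any file or service on the host),
  # so together with the docker group above this account is effectively root.
  # The expectation that the agent asks for confirmation before `nh os switch`
  # is an operating convention, not an enforced control.
  services.aiWorkerAccess = true;
}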