I've not used sftp at all.
I've only used scp when I had control at both ends.
On Wed, 4 Nov 2020, George N. White III wrote:
> This is due to a fundamental insecurity in the old-style SCP protocol: the
> client sends the wildcard string (*.c) to the server, and the server sends
> back a sequence of file names that match the wildcard pattern. However,
> there is nothing to stop the server sending back a different pattern and
> writing over one of your other files: if you request *.c, the server might
> send back the file name AUTOEXEC.BAT and install a virus for you. Since the
> wildcard matching rules are decided by the server, the client cannot
> reliably verify that the filenames sent back match the pattern.
In this particular case, I'd think the client
could tell that a .BAT file was not a .c file.
Downloading 1000's of files resulting from some HPC calculation
it would be easy to overlook an unwanted file.
There is only so much any protocol can do about a malicious server.
Even if the client explicitly specifies a server file,
there is no guarantee that the server will send a correct copy.
Those HPC systems can have many users, all with write access to
shared data spaces; one compromised user workstation could be
used to place malware where scp might find it. It is more of a
concern now that user workstations have moved into people's
homes outside the enterprise LAN's.