Seems to me that if you're talking about smuggling hardware into a SCIF and installing exploits on the servers then doing this exotic form of data collection seems like overkill. There should be faster and more reliable options at that point, like turning the keyboard cable into a crude transmitter by banging bit patterns over it.
I've never seen a SCIF where going in after hours is the "easy route". They're full of motion detectors and the entrance is typically a heavy metal door with a combination lock. The air ducts are too small to crawl through. :)
Currently the only way to exploit this would be a Hollywood style infiltration of a human, at which point a usb stick might be easier to use to get in and out quick...
https://youtu.be/ar0xLps7WSY
I've never seen a SCIF where going in after hours is the "easy route". They're full of motion detectors and the entrance is typically a heavy metal door with a combination lock. The air ducts are too small to crawl through. :)