Physical attestations are hard to solve, I think it would be nice if all TPMs in laptops had this. Then the problem becomes how do you automate stuff that needs to be done.

And then the moment you authenticate, the fake sudo still executes its payload.

Yubikeys do not fix this issue.