From ArchWiki

Replace vi with nano

Security#Use sudo instead of su says that exporting EDITOR=nano is a "severe security risk". Should that be reported here ? --Cvlc (talk) 20:22, 22 September 2021 (UTC)

I don't think i'ts specific to nano, the security risk is on allowing the usage of the EDITOR variable with sudo from what I understand of the page you have linked. --Erus Iluvatar (talk) 11:24, 7 March 2022 (UTC)