Securely transferring files to a potentially compromised virtual machine is a well-known pain in the security community. Shared folders require guest additions, but historically that introduces virtual machine escape vulnerabilities. Host-only networking avoids that problem, but allows the virtual machine to attack the host more traditionally. Fortunately, there's a simple way to introduce files without either issue.

mkisofs -o filename.iso /path/to/dir

Add filename.iso as a cdrom image to the VM and enjoy secure file transfers without the extra attack surface.