
My only wishlist item for `ssh-agent` that would make all use of the agent safer, or nearly as safe as a hardware key, is that it had the option for an interactive confirmation dialog or mechanism for the user to confirm the source, destination, key, and client making the signing request. This is how most crypto wallets work, and given that the SSH private key never leaves the original host's agent's memory, a confirmation on use mechanism would alleviate most remaining forwarded agent hijacking concerns.


Some SSH agents can do that, but SSH isn't "aware" of this. From SSH's perspective it's simply taking long, and you can time out your SSH connection with that. For example, KeePassXC offers this feature to require confirmation.

The new ed25519-sk and ecdsa-sk keys also require user interaction because you need to press your key (and also make many concerns of SSH agent forwarding null and void).
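Both comments above turn on what the agent socket exposes: anyone who can open `$SSH_AUTH_SOCK` (including on a host you forwarded the agent to) can enumerate identities and ask for signatures, and a confirm-on-use constraint or a hardware-backed `*-sk` key is what stands between that and a silent signature. The script below is an added example, not code from either commenter or from OpenSSH: it speaks the OpenSSH agent protocol directly to list loaded identities and flag the hardware-backed ones. It assumes an OpenSSH-compatible agent at `SSH_AUTH_SOCK`; when that variable is unset it falls back to `SAMPLE`, a constructed identities answer with placeholder key bytes. The confirm constraint that `ssh-add -c` sets (`SSH_AGENT_CONSTRAIN_CONFIRM`) is not reported back in the identities answer, so this listing can tell you which keys are hardware-backed but not which software keys will prompt.

```python
"""List the identities an SSH agent exposes over its UNIX socket.

Added example: speaks the OpenSSH agent protocol (draft-miller-ssh-agent)
directly, which is exactly what any process with access to the socket can do.
"""
import os
import socket
import struct

SSH_AGENTC_REQUEST_IDENTITIES = 11
SSH_AGENT_IDENTITIES_ANSWER = 12
# Constraint byte that `ssh-add -c` attaches when adding a key; the agent then
# asks (via ssh-askpass) before every signature. Not visible in listings.
SSH_AGENT_CONSTRAIN_CONFIRM = 2

SK_KEY_TYPES = {
    "sk-ssh-ed25519@openssh.com",
    "sk-ecdsa-sha2-nistp256@openssh.com",
}


def _read_string(buf, off):
    """Read one SSH 'string' (uint32 big-endian length + bytes) at offset."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack(">I", buf[off:off + 4])
    off += 4
    if off + n > len(buf):
        raise ValueError("truncated string body")
    return buf[off:off + n], off + n


def _put_string(b):
    return struct.pack(">I", len(b)) + b


def _recv_exact(s, n):
    out = b""
    while len(out) < n:
        chunk = s.recv(n - len(out))
        if not chunk:
            raise ConnectionError("agent closed the connection")
        out += chunk
    return out


def parse_identities_answer(msg):
    """Parse an SSH_AGENT_IDENTITIES_ANSWER body (outer length already stripped)."""
    if not msg or msg[0] != SSH_AGENT_IDENTITIES_ANSWER:
        raise ValueError("not an identities answer")
    (count,) = struct.unpack(">I", msg[1:5])
    off = 5
    ids = []
    for _ in range(count):
        blob, off = _read_string(msg, off)       # public key blob
        comment, off = _read_string(msg, off)    # free-text comment
        ktype, _ = _read_string(blob, 0)         # first field of blob is key type
        ktype = ktype.decode("ascii", "replace")
        ids.append({
            "type": ktype,
            "comment": comment.decode("utf-8", "replace"),
            "hardware_backed": ktype in SK_KEY_TYPES,
        })
    return ids


def request_identities(sock_path):
    """Ask a live agent at sock_path for its identities."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.connect(sock_path)
        s.sendall(_put_string(bytes([SSH_AGENTC_REQUEST_IDENTITIES])))
        (n,) = struct.unpack(">I", _recv_exact(s, 4))
        return parse_identities_answer(_recv_exact(s, n))


def build_identities_answer(keys):
    """Build a constructed answer for offline use; key bytes are placeholders."""
    body = bytes([SSH_AGENT_IDENTITIES_ANSWER]) + struct.pack(">I", len(keys))
    for ktype, comment in keys:
        blob = _put_string(ktype.encode()) + _put_string(b"\x00" * 32)
        if ktype in SK_KEY_TYPES:
            blob += _put_string(b"ssh:")  # sk keys carry an application string
        body += _put_string(blob) + _put_string(comment.encode())
    return body


# Constructed sample: one software key and one hardware-backed key.
SAMPLE = build_identities_answer([
    ("ssh-ed25519", "laptop software key"),
    ("sk-ssh-ed25519@openssh.com", "yubikey resident"),
])

if __name__ == "__main__":
    path = os.environ.get("SSH_AUTH_SOCK")
    ids = request_identities(path) if path else parse_identities_answer(SAMPLE)
    for i in ids:
        print(f"{i['type']:38} hw={i['hardware_backed']!s:5} {i['comment']}")
```

Run it on a host where your agent is forwarded to see what a process there could enumerate; any software key that appears without the confirm constraint can be used for a signature with no prompt on your side.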


Yeah, I've been using a Yubikey for a bit over a year and I'm already a huge fan of the way it works with SSH/Git. It's a bit more of a pain to set up with WSL2 since you need something like https://github.com/BlackReloaded/wsl2-ssh-pageant but it's absolutely worth the setup time.



