Optional prompt before allowing authentication with forwarded agent
From "man ssh-add" on Ubuntu:
-c Indicates that added identities should be subject to confirmation before being used for authentication. Confirmation is performed by ssh-askpass(1). Successful confirmation is signaled by a zero exit status from ssh-askpass(1), rather than text entered into the requester.
This important security feature prevents unauthorized usage of SSH keys in your forwarded ssh-agent. Termius should show a confirmation prompt when a signing request is received when the ssh-agent has been forwarded.
It would be extra helpful (though not critical) to support the same options as Kryptonite: allow once, allow all for one hour, reject
An example of the kind of mischief this feature could help prevent: https://defn.io/2019/04/12/ssh-forwarding/
ProxyCommand and ProxyJump (mentioned in a separate feature request) would be preferable for the use case of shelling into a third host from a bastion server, but there are other use cases where agent forwarding is still necessary. For example, if you need to perform some SSH-authenticated git pull / scp commands on the host you're connecting to.