any application running under your own user can access your private ssh keys
aint that crazy?