That is a feature. If someone cannot do basic diligence of protecting the signing key, should I really trust them for executing code on my machine?
That is a feature. If someone cannot do basic diligence of protecting the signing key, should I really trust them for executing code on my machine?