ssh-agent, as a protocol-concept is not as broken as it sounds. It's just that the implemented interface (socket) is bad when combined with no user acknowledgment of sign requests. I think the worst part is that the agent doesn't ask the user for confirmation, which would essentially invalidate most of the ways you would abuse the agent. Attacks would be reduced to spamming or attempted phishing with agent requests.

Kerberos could have bad interface as well, but I don't know how that would work in this scenario. The protocol itself is secure, but just as with ssh agent forwarding, if you let everyone make authentication requests without requiring user interaction to verify it, it will have the same problems.