The agent can't exactly show up to an in-person key signing party, can it?

And how many people are both dedicated enough to go to key signing parties and stupid enough to let an agent act without supervision in the name of their real-world identity?

Having a key isn't a distinguishing aspect, it's the position in the "web of trust" network that is important.

That's what key signing parties are for. In person verification.

> Nothing really stopping an agent from getting a key

It very much is possible to prevent an agent from having access to a key. For example, local encryption, Yubikey or other hardware device, or just running the agent in an isolated environment.