`agent_pkdecrypt` injects a trailing NUL byte in a couple places, which makes the memory buffer different from what the canonical S-expression would be. It is also dangerous to encourage other parts of the code to treat an S-expression as a C string, since it might contain NUL bytes mid-stream (e.g., when a high-entropy bytestring is present in the S-expression).