I created safer variants of existing key deletion commands and added more confirmation prompts before deleting all keys and primary keys in particular.
1. Factor out the secret key deletion code into a static function to facilitate future changes.
2. Add a `--delete-secret-subkeys` command that refuses to operate on primary keys.
3. Add a `--delete-secret-key-stubs` command that exposes the `agent`'s equivalent functionality.
4. Confirm the deletion of each individual key.
5. Add another confirmation prompt for primary keys.
Here are the patches: