This still always decrypts the password, because `ssh-add` does not check whether the key is already present in the current agent. This should propably done separately before calling `ssh-add`.