[jwilk]

Beware that "gpg --recv-keys <keyid>" (or even "gpg --recv-keys <fingerprint>"!) can be tricked into inserting malicious keys into the keyring:

https://dev.gnupg.org/T3398