The point of passkeys is to protect against phishing and password reuse. You can't protect against local compromise, even if your passkeys are stored in something like a YubiKey, because once you log in to your bank with your hardware-backed passkey, the malware on your computer could use the session you started to transfer all of your money out of your account.
That's not quite correct. This can easily be seen by simply considering that the people who developed the passkey standard are also developing a passkey import/export standard which is nearly done and implementations are appearing in the field already.
For example Apple's Passwords app on MacOS/iOS/iPadOS 26 now supports export and import of passkeys to/from other apps that support that standard. I don't know if any other apps have yet actually released such support.
Can you send some documentation on how? For example, I tried googling for transferring a passkey out of popular systems and it doesn't seem possible[1][2] other than through JSON export[3] which is what some sites want to block as I understand.
I don't think you're going to find it. The main vendors are hostile to this workflow. I get why, any flow that can exist to export passkeys can be used by hostile actors to walk a 75-year old millionaire grandma through handing over $$$. I think however that that's just a risk we have to make the bank and brokerages accept. It's not a problem with a technical solution.
Wasn't the discussion you responded to about how they currently can't be shared and that the vendors don't want them to be shared as it breaks their desired lock-in?