
A program like this has vastly less attack surface than a full SSH protocol implementation. In particular, it doesn't support the part of the SSH protocol that allows executing commands on a remote host. So the only way this will be less secure than OpenSSH is if there's some memory unsafety or a leak of some kind.


Almost all of the SSH protocol isn't exposed until you authenticate, and in the vast majority of setups that means you get a shell to execute commands with anyways, so while still important, the key problems are with pre-auth security.


Sure, but "isn't exposed" is very different from "that functionality is physically not present in this executable."



