Even if you kept it closed they would inspect it to find out what its doing to bypass their security, so in both ways the mere existence of the tool will make them react if they repeat the same mistakes of other companies with this hostile attitude.

The difference is that the community wouldn't trust it, what else it might do after regaining SSH?

Keep it closed and you will: Not stop them from "fix it in future firmware or other hardware versions", AND get distrusted by the community.

If you want trust, release code. You have nothing to fear from Bitmain, they are your opponent anyway, but losing the trust from the community is final.

And do note some determined person might also reverse engineer your tool and release an open source solution based on it ANYWAY. Why lose your chance? Embrace Open Source and earn the reputation it brings.

Of course Bitmain COULD learn from computer history (at least since the 80ies) and drop the stupidity already. OR people could vote with their wallets and buy MicroBT, Canaan Creative, etc.