by the8472 2470 days ago
I think conceptually cloud-based password storage is trustworthy if you separate the cloud storage from the password manager software.

If both were provided by the same vendor then security motivations would not align. E.g. the vendor could reason that it's ok to do server-side encryption instead of client-side for whatever reasons. Or they could capture your master keys and decrypt old backups long after you have deleted things when compelled by a secret court order.

Separating storage and software means the software developer should consider the storage provider as potentially hostile and design the password manager accordingly.

Additionally, a separate solution also increases data mobility. You can use your home server instead of cloud providers, and you can move vendors instead of being locked into a single ecosystem.

That said, storing your key files offline is still another layer of security that has to be breached; storing them publicly accessible means you are only as safe as your hashed password.

Another concern, unrelated to the cloud aspect, is browser integration for password managers. It's something one should avoid since the browser extensions closely interface with the websites. It increases the risk that a bug in the extension allows a site to trick it into revealing the wrong secrets in an automated fashion.