[_jal]

Something to consider, sure.

But the exposure is to anyone with access to your encrypted pass data. Which in the normal use case is going to be anyone with access to your user account, which means they could likely already see your shell and browser history.

[iudqnolq]

Not if you want to access it on multiple devices, in which case the built-in solution is to use git. In that case your git server sees all the metadata.