Eh, it might be a bit useful if there's a passive adversary on the server. They can read traffic, but not change anything. Pretty unlikely scenario, so it doesn't really buy you much.
Your cloud hosting provider can easily be a passive adversary. Altering your data is risky for them (you might notice) so they won't alter your copy of openpgp.js or the public keys you use. But looking at all of your disk and memory and network is something they can do and you would never know. But if the private key is not on the server, they will never be able to decrypt the messages encrypted for you....