Well, that someone nefarious who gets access can then only steal from that point on. Recall will allow him to find out you were having a wank last Tuesday at 7PM.

Some ads have used browser exploits to infect visitors in the past. So this is a very, very bad idea, if it actually is implemented in a way that is hard to filter for ad networks.

People are conflating the LLM and the app.