Serious question:  Are signing apps considered standard best practice ATM?

Frankly, as long as I'm going to be pasting my nsec into any app - even if I know it's only ever going to be pasted into that one app - I'm still not going to trust that nsec with anything important.