Another factor is you have to completely trust or at least highly trust the team. I think being a "trust-based" wallet alone is a potential red flag already and you should think carefully before using them. Why? The developers can do a lot of changes in the wallet. I can't remember who said this but here's an example, the developers can ask you to pass KYC verification before you can access your funds again.
They can do much worse than arbitrarily demand KYC. They can use pre-generated seeds so they already know the private key to every address the wallet generates, or in the cases of people importing seeds, they can simply program the wallet to send the seed back to the developers. They can even insert a few lines of code to an update that simply sends everything in the wallet to them. With closed source wallets, you have to trust the developers
completely.
hehe Coinomi was already doing the second part. it was sending the seed to their servers to be "checked" for spelling errors, etc. and it is closed source so there isn't that much information about what the hell was going on really. all we know was that it communicated the mnemonic with a server and the devs were evasive about it.