Hmm, I get it. As I said, I think there are good use cases for it, especially because of the simplicity, but I personally prefer to have the entire database encrypted, kinda like KeePassXC does.
So even the sub-directories of the password store are encrypted? For example, even if I put my password in the name of a subdirectory, they wouldn’t be able to see it?
I agree, but picture this: if someone gets their hands on a kdbx database, they would need to brute force through the master password; they couldn’t possibly know any sites or logins. On the other hand, if someone got your password store, and you used this hierarchy structure, they could try to attack the logins directly, which increases the attack surface. That being said, yes, I completely agree with your last statement.
Edit: For example, if you want to host the password database on a hosting service not owned by yourself, pass is entirely out of the question in this case. A kdbx database, however, would offer a good deal of privacy.