Not sure I agree, would you buy an nsec from me knowing that I could easily keep a copy and continue to use it?
What are you getting by having the nsec that you didn’t have with the npub? (other than being able to read DMs and create new events with it)
You could inject follows to artificially boost numbers of certain accounts, you can dm and publicly post scams, or even regular ads, very theoretically I could even imagine a scenario, where your linked lightning wallet could be drained. (though admittably, that would necessitate multiple major vulnerabilities to be present at once)
Whatever you can do on Nostr can be misused for a nefarious purpose. Right now barely any attack is actually worth doing because of the relatively small user base. but as Nostr grows, attacks become more profitable.
