It's mainly as you put it. I could grab a popular FOSS nostr web client and add malicious code. Then make a .onion of it. Could share to Chinese or other users in their language. Can then have users self-XSS, fingerprinting, Cross-Site Request Forgery, and get MITM off top of my head. Could be spread by impersonation of the client's developer(s).

Depends on a persons level of acceptable risk. If I were a dissident in a hostile country, for example, I would never enable JavaScript. The fire up Tails then install Gossip approach is easiest come up with. Have seen foreign intelligence services make "privacy focused" informational sites with misinformation on how to be anonymous online. (NOT saying OP is one of these to be clear. 😉) All comes down to why someone needs to use Tor. Tor browser calls that setting "Safest" for a reason.