Versions of open source TAO 3.3.0 RC2 and before have huge security vulnerabilities
Note: these people contacted TAO for many months. The vulnerabilities were discovered Sept 16, 2019 and TAO did not acknowledge until April 8, 2020.
So much for a commitment to open source. Their hosted version was OK.