We decide against using web-based key management for several reasons.
Phishing - Due to the nature of hypertext, it is easier to direct someone to a fake web page than a fake app.
Browser Privacy - Many popular browser extensions have permission to read and alter every web page a user visits. When a user chooses to trust a web wallet, they are also choosing to trust every extension provider they are using with the security of their funds. Even if the keys are not present on the web page, a malicious extension could alter addresses, showing the user a receiving address that belongs to the attacker.
Complexity - To protect against malware, a web wallet should only be used on a dedicated single-purpose air-gapped computer. Due to the complexity of setting up an air-gapped system, many users will fail to do so, putting their funds at risk.