cenobites
3 days ago | Occasional Contributor
1Password CLI vulnerability?
I saw this vulnerability disclosure on Hacker News and the basic gist of it seems to be that if you have malicious software running on your computer and you give the credentials to your 1Password account to that malicious software, it will be able to extricate all your secrets. Which is known.
I think he makes a fair point about 1password-cli currently being too much "all or nothing" unless you use service accounts, and I think the first three proposed fixes would be a welcome usability addition, but they would only make it harder to extricate secrets, not impossible. The last one, "Prompt for each process individually, closing the gap for subprocesses", seems impractical, throwing up too many access prompts for unknown subprocess names, which would quickly become a "Just click allow" situation.
I'd appreciate it if someone from 1Password would comment on his report.