@lance. Yes, there is a trade-off. The bleeding-edge introduces bugs, which is the advantage to the Debian, etc. approach of back-porting security fixes into older, better-vetted versions. However, as some will point out, Debian, RHEL, etc. usually only back-port significant security fixes and minor ones will remain un-patched. Put another way, the answer is complex, but you are correct.
To some degree automatic updates offer a false sense of security. It is true that automatic updates increase security for users who never update. However, it is also true that automatic updates may decrease security for those who are more security minded. This whole chain poses some uses-cases. My problem is that I posted such a use-case and it was completely ignored. I decided to give it another shot and started a new thread with a reasonable solution: again no interest. (See Hook to run scripts before and after refresh) Had someone, anyone, shown an interest, I might believe that automatic updates in snaps are totally about security. Given the total lack of interest in cases where automatic updates harm security, I don’t buy the story. Sorry devs, but you need to listen a bit better or, at-least, fake some interest.