Interesting one. They seem to answer all common objections well. I would probably try it for my own org, but not for any clients without their prior permission. Generating an API key for this and then revoking after seems to keep it as safe as possible.
- Ex community all-star (⌐⊙_⊙)