If you have passwords that are used outside the browser, putting them into the browsers password manager, getting them out feels a little cumbersome.
Related to the tool: Why not just click the export button in Firefox?
Hah. Don't bother us with your mumbo-jumbo, we're doing computer security here.
Choose a password manager which you like. I like having a paper book with a dumb-ass encryption scheme, because my threat model is that I am not going to worry about physical attacks, and servers will detect attempts to brute-force the dumb-ass scheme by adding delays after the first few failures.
I use Firefox's manager for my Mastodon accounts, because no one cares for my 10 followers, and the instance manager can resolve things if needed.
You're posture is assuming that if it doesn't matter to you, then it doesn't matter at all, and that simply is not true.
I'd love to see someone "hack" his book, it would be quite the impressive hack.
And of course, the external tool can have plenty of exploitable leaks unrelated to whether or not it’s integrated to some browser.
If the goal is to have better security, no method of using password alone will bring significant improvement to an authentication system, no matter how great the password manager it’s used with.
You can set a "primary password" for firefox's password manager, meaning that you first have to enter a password before you can access the stored passwords. That should provide equivalent security to using KeepassXC.
I have five passwords in my Firefox manager. (More if I include the ones which are no longer valid, like a few ftp passwords, and passwords to routers I no longer use.)
I think I'm safe.
I avoid online services which require identity as much as I can, because yes, any data builds up. Which means, yes, I buy things in stores, not online, I use cash, not credit/debit/e-cash, and I don't use apps.
If you do use online services, apps, etc., then it sure feels like you are assuming that information leak doesn't matter to you, so it doesn't matter at all.
Which is why my password manager has zero integration directly with the browser, or anything else for that matter. There is a tiny little bit of extra legwork caused by this⁰, but IMO it is a good compromise between convenience and easily available attack surface.
----
[0] and it might be susceptible to attacks that manage to listen to the OS message queue & clipboard where a browser integrated method would not be, but once something is that far into your system there isn't much that is going to help you except maybe an orbital nuke.