Watchtower itself works great, it doesn't need a GUI for what it does.
But updating containers in general, either manually or automatically, always carries a risk of something breaking due to the new update.
One thing you can do is make sure you're not using :latest tags in your compose files, and instead pin major versions like postgres:13
And of course make sure you have backups going back multiple points in time in case something does break, and test those backups!
Password managers are a HUGE target, and while I'm sure they do everything possible to prevent a breach from actually obtaining peoples passwords, vulnerabilities do happen.
That's why I think self hosted Bitwarden or KeePass with a file are the way to go.