Thanks for your remarks on KeePass; I have at times been a heavy user. I've often wondered about its security (especially the security of its ports) but I don't have the expertise to evaluate it myself. I'm not aware of any audits or systematic analyses as it hasn't received the attention that mobile password managers have.

The truly paranoid keep their KeePass database in an encrypted volume used solely for that purpose.