As the article states, currently all processes are able to read the file which contains the key. Instead, you could store the key in the macOS Keychain (and Linux/Windows equivalents), which AFAIK is a list of all sorts of sensitive data (think WiFi passwords etc.), encrypted with your user password. I believe the Keychain also only let’s certain processes see certain entries, so the Signal Desktop App could see only its own encryption key, whereas for example iMessage would only see the iMessage encryption key.
I use gptAssist, which is a webview wrapper for the ChatGPT website.
While I can’t comment on the beeper side of things, I did look into matrix and bridges a bit.
From what I understand, for all e2ee services you use through beeper (and matrix in general), all messages get sent to the server encrypted by matrix, then the server decrypts them and they get re-encrypted in a different protocol (ie. WhatsApp/Signal/…) and then the encrypted message goes out to whatever service.
This would mean that technically the matrix server is able to read all your messages.
This is my main reason for still using the native apps for encrypted services. For unencrypted services I use a my own matrix server with bridges.
Only if you’re logged in as an Administrator though. A “standard” user account can’t access WiFi passwords on Windows.