You could implement an EIP-4337 smart account that delegated to the `isValidSignature` function on the TBA's EIP-1271 implementation, but then you've got an EOA (wallet) that owns an NFT that has a 1271 smart account that a 4337 smart account can interact with. Hardly the essence of simplicity.
As to the potential for danger: I think the existential problem for this proposal is that it puts the entire onus of on-chain security on a single NFT. If someone steals/phishes/scams your NFT, you lose everything associated with the account owned by the NFT too.
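The delegation chain described above, sketched as an added Solidity example (this is not code from the thread, nor from any ERC-6551 or EIP-4337 reference implementation): a 4337-style account whose `validateUserOp` simply asks the TBA's `isValidSignature`, so every signature check ultimately bottoms out in "who owns the NFT right now". The contract name `TBAOwnedAccount`, the inline v0.6 `UserOperation` layout and the unprefixed `userOpHash` digest are assumptions for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// ERC-1271 as the TBA exposes it; an ERC-6551 account accepts a signature
// only if it verifies against the *current* owner of its bound NFT.
interface IERC1271 {
    function isValidSignature(bytes32 hash, bytes calldata signature)
        external view returns (bytes4 magicValue);
}

// EIP-4337 v0.6 user operation, reproduced here so the example compiles stand-alone.
struct UserOperation {
    address sender;
    uint256 nonce;
    bytes initCode;
    bytes callData;
    uint256 callGasLimit;
    uint256 verificationGasLimit;
    uint256 preVerificationGas;
    uint256 maxFeePerGas;
    uint256 maxPriorityFeePerGas;
    bytes paymasterAndData;
    bytes signature;
}

contract TBAOwnedAccount {
    bytes4 private constant MAGIC = 0x1626ba7e;          // IERC1271.isValidSignature.selector
    uint256 private constant SIG_VALIDATION_FAILED = 1;  // 4337 return convention
    address public immutable entryPoint;
    IERC1271 public immutable tba;                       // the ERC-6551 account that "owns" us

    constructor(address _entryPoint, address _tba) {
        entryPoint = _entryPoint;
        tba = IERC1271(_tba);
    }

    // Called by the EntryPoint. Validity is delegated to the TBA, which delegates it to
    // the NFT's owner: transferring (or stealing) the NFT transfers control of this account.
    // Assumption: the signer signs the raw userOpHash, matching what is passed to the TBA.
    function validateUserOp(UserOperation calldata userOp, bytes32 userOpHash, uint256 missingAccountFunds)
        external returns (uint256 validationData)
    {
        require(msg.sender == entryPoint, "not EntryPoint");
        if (tba.isValidSignature(userOpHash, userOp.signature) != MAGIC) {
            validationData = SIG_VALIDATION_FAILED;
        }
        if (missingAccountFunds > 0) {
            (bool ok, ) = payable(msg.sender).call{value: missingAccountFunds}("");
            (ok); // EntryPoint reverts on its own if the prefund is short
        }
    }

    receive() external payable {}
}
```

Nothing in this account holds a key of its own, which is the point of the comment: a single NFT transfer, legitimate or not, rotates the signer for the TBA and for every 4337 account stacked on top of it.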