But you can take your device off the network when running the password manager to ensure it isn't able to do that, for example. (Or more realistically, you can watch with something like Little Snitch or WireShark to ensure it isn't happening.) That's something you can't do when the password manager requires the network to do its main function.
It's absolutely incredible to me that people ignore one of the biggest sides of the argument for pre-baked, user friendly products like 1Password: usability for as many people as possible.
You're trusting the client whether or not it can talk on the network. A malicious update that starts generating predictable passwords for websites doesn't need a network connection.
