I happened to run kgpg from the CLI in a konsole, and then used its editor to open an encrypted file.
What I then noticed was that as I typed stuff in the editor, the characters were appearing in the konsole (numeric encoding)
e.g. 65 for 'a', 66 for 'b' etc.
They seemed to go to stderr.

This seems a bit insecure for an application commonly used for storing stuff securely in encrypted files!

Should I be avoiding kgpg? Are there better more secure tools for encrypting files?