@intrbiz yes, certainly. That is more or less the equivalent to always logging into your computer as root/Administrator.
It hurts the principle of least privilege.
If you need DDL privileges, create a user and give him his owned database but use superuser privileges as little as possible in a real application.
@intrbiz and what about using the public schema? 😉
Personally I don‘t mind using the postgres database but using the postgres user for an application is a big red flag for me.
Time for a cuppa... Earl Grey please!