Good advice to only run your password manager as needed. Don't keep it open while websurfing, etc. (ironically that is when most of us will most not want to do this ;/ )
The paper Password Managers: Under the Hood of Secrets Management looked at how the password managers 1Password, Dashlane, KeePass and LastPass handle secrets, and if it is possible to retrieve sensitive information.