Quoting from https://docs.featherwallet.org/guides/nodes

However, a malicious remote node can:

• execute an attack that may reveal the true input of a transaction. This attack does not reveal how much is spent or to whom. This attack has a low chance of succeeding and Feather will warn you if it detects this attack.
• make your outgoing transactions stick out by manipulating the transaction fee that you pay.
• associate your outgoing transactions with your IP address (but only if all traffic is routed through clearnet, see Tor support for more information. By default, transactions are broadcast over Tor.)

If you have an insight/feedback on this, please comment.

https://docs.featherwallet.org/guides/tor-support

By default, Feather routes all network traffic over Tor, except for wallet synchronization. Synchronization requires a lot of data transfer and is therefore very slow over Tor. A remote node does not learn much about your wallet during synchronization (for more information see Nodes). We believe this is a reasonable privacy / convenience trade-off.