Re: TL;DR - don't trust any encryption you didn't write.
OpenPGP is not middle ground. Unless you are a literal tin-foil hatter. (https://www.youtube.com/watch?v=urglg3WimHA) OpenPGP is the sort of project almost custom-made for the open source movement. LOTS of attention from good crypto people & top-notch programmers from many (non-cooperating) jurisdictions.
For OpenPGP, it is the end user which is the weakest link. Always.