This could result in serious personal harm if the individual(s) causing the duress sense something is up, which they almost certainly will if things start magically disappearing or locking up. You better make sure that whatever you are protecting with this is more important than your personal safety.
Your safety is compromised, but that does not mean the danger cannot be escalated. If you are mugged at gunpoint, are you going to hand over all your cash and keep your hands up as much as possible or are you going to swiftly cut up your credit cards?
For sure; there's risk/benefit to this kind of mitigation. One thing to note is all the actions occur before the user drops into a shell (or for desktop login the desktop rendering). If one is simply getting rid of LUKS containers or deleting VPN credentials it wouldn't take very long at all.
One could even write in a routine that removes the duress module entirely so it's a one-shot duress password that cleans up sensitive data, notifies anyone who needs it and then immediately removes all evidence that pam-duress was employed.
But you are right this is a tool with risks/benefits and the risks changed based on what's being protected and the context of the coercion.
