This is a very important and useful document. I found it useful and will recommend it to others once published.

The only thing I'd point out is the opportunity to perhaps add a sentence opining on the intersection between "confusables" and "unassigned code points", and point out that if "confusables" is in your threat model, you have to admit you've signed up for reviewing and/or consuming a new list of valid code points every new unicode release.