It can be a security risk. For example, imagine if a popular web framework or ORM is found to have an exploit involving some particular data type, when combined with auto-generated HTML forms. If the companies using the framework are known, and their DB schemas are publicly available, this could be a huge target for attackers.
I'd imagine it can also be a legal concern. For example, a schema may reveal presence of a soft-delete column, which conceptually violates GDPR. If the schema is made public, this could cause unwanted legal attention, even if the column is no longer actively used by any application code.
I'd imagine it can also be a legal concern. For example, a schema may reveal presence of a soft-delete column, which conceptually violates GDPR. If the schema is made public, this could cause unwanted legal attention, even if the column is no longer actively used by any application code.