I've been using it on https://46bit.com for something like a year now, and the thing I've realised is that it's largely a luddite thing. The movement is a rebellion against POS software like Wordpress, but ignores the fact that building a nice, Markdown-driven app with caching and a lovely interface is actually quite easy & friendlier in the long run.
It might be great for people afraid of servers, but I'm not. I don't want to be - I'm still serving a bunch of dynamic apps off the same two servers I use for a few static sites, and I enjoy learning how to tune them.
I'm planning to transition away from static sites. Initially to just serving a Sinatra app, then later to a custom Padrino or Rails blog engine. Would love to hear if anyone's got any suggestions for something off-the-shelf and hacker friendly in Ruby though.
Sure, it's easy enough to scale Wordpress, but I literally won't use 99% of the features that Wordpress offers, and all those features are potential attack vectors. On top of that, with every blog engine / CMS I've ever used (including the ones I'd custom-written), at some point I end up needing to use an iframe with static content because a CMS is only so flexible.
Instead of all that, I can put up a static page that is infinitely flexible, use Disqus for comments, and be pretty much free of risk. No database to hack into, no patches to apply, etc. On top of all that, it's even easier than using Wordpress.
So, while I don't disagree that there are people using Jekyll and ilk to rebel against Wordpress, an equally valid wonderment would be in trying to figure out how Wordpress got so carried away.
Editing to add that your approach is pretty much the same thing I did, but in Django instead of Ruby. I kept using the "CMS"-like methods of Django, but then completely render them out as static pages to be published to S3.
The ideal engine for me still uses flat files for content, but doesn't compile the files to HTML. Let a cache like Varnish handle the load. That way I can implement things like comments without running off to the latest service-of-the-month that might shut down and take everything with them.
If you're accepting use input to write files, then you have vulnerability. I'm not saying you do or don't, but it's an attack vector. As for Disqus, sure, I'm at their whimsy when it comes to security, but they haven't bitten me yet, and I'd hardly consider them fly-by-night as they've been around for years now, and has been profitable since their first year.
For what it's worth, I wasn't considering the admin site as vulnerable, as those are generally disabled before deploying, but if you're running a database, or varnish, or Apache, or whatever, your risk is increased for vulnerability, but I suppose that's neither here nor there really, as I think it comes down to a matter of taste and, as you said, I'm trading system vulnerability for third party vulnerability. The upside though is that while sure, somebody could munge my site up, fixing it is just uploading another copy.
Sorry, that's probably confusing language here. I was referring to structuring Markdown files in a flat-file database, not the concept of compiled HTML files.