4/5 For light-wallets it's hard to fully validate a script at this point in time. In a worst case scenario, malicious, or poorly built dApps, would only be able to take this amount.
Finally, collateral aims to prevent bad actor from spamming the network with failing contracts.