I thought Atom was MIT-licensed, and this allowed anyone to use it even if it’s no longer developed? I mean, if a piece of software does what you need, what difference does the date of the last commit in its source tree make?
Of course, Atom, like all these Electron abominations, will suffer from the fact that it’s basically a bunch of JS, CSS, and a pinch of HTML slapped on top of a Chromium build, so all the bugs and security vulnerabilities in that build are to stay with you forever unless you are prepared to regularly perform the (rather tedious) task of rebuilding the app against a newer Chromium release. However, based on your usage model and your workflow, I seriously doubt any security vulnerabilities known or to be discovered in Chromium are likely to affect you. You don’t do networking in your Atom, you use it on your own data, and as long as you don’t feed it a purposely-malformed file from some Russian Hackers’ Forum(™) that is intended to cause a heap overflow, infect your machine, and steal all your Bitcoins (and also do some mining, so that your next electricity bill makes you a bankrupt), you should be fine using the version you have.