Pro Manually allowing a program to "go out"
... which hardens security, altough this can be viewed as a con by some. If the user doesn't take an action to allow a program (TinyWall asks before allowing that) to "go out", it won't automatically allow it, as some other firewall programs do. However, this feature is probably the best of it because it will never allow any malicious software to start, even if it was downloaded on the user's computer.
Con The easiest way to train Tiny Wall is insecure
If, for example, you have to use a script that might download some tools (e.g. installs Rust), the easiest way is to enable the Learning mode. In that mode any application without rule can connect but it is logged as new rule (for later verification). An option is missing to allow all applications/processes which were launched as the current one, including all child processes.
Con Easy to forget that TinyWall is blocking a certain application
When wondering why some application behaves wrong, it's not easy to remember that the TinyWall might be the reason - because there was no rule yet for the specified application. For firewalls that show a notification, this could be connected more easily.
Con Manually adding each program to "go out"
If one's using 3-4 programs for accessing the internet, it would be OK for them to whitelist them manually. But if one has many programs that use internet like Steam, any audio player to listen to an online radio, an internet browser and many others, it would be a little annyoing to do all that manually. On top of that the user will have to whitelist manually every single executable of the program that uses internet, which includes executables named "updater.exe", like the one Skype has. If not whitelisted manually - no updates.