They list no stipulations about prohibited certificate uses[1]. Their restrictions on domain uses seem to be mostly tied to legal requirements (not issuing for sanctioned countries, for example). It's all also pretty transparent, from what I can tell[2][3]. Certainly more so than a normal CA.

[1]: https://letsencrypt.org/documents/isrg-cp-v3.3/#1.4.2-prohib...

[2]: https://letsdebug.net/

[3]: https://github.com/letsdebug/letsdebug