That is way too much work. Doing work means stuff is happening and stuff means side-channel attacks that someone else hasn't audited, because it's not an integrated product anyone would bother auditing.

In particular, I don't see how 2FA is possible with this, so shoulder surfing is a bigger issue.

I definitely trust Google or BitWarden more than a password I can memorize plus my own constant vigilance.

> In particular, I don't see how 2FA is possible with this

Umm, why not?

First, you can use a different app (like Aegis) to generate OTPs.

Second, pass has an extension (https://github.com/tadfisher/pass-otp) that can be used to generate OTPs.

Third, you can use something like oathtool to generate your OTP using your TOTP secret:

oathtool -b --totp "your-totp-secret"