Having all those TXT records at the domain apex like that makes the TXT query reply huge, which affects, for instance, every mail recipient who merely wants to check the SPF record. This is a bad pattern to follow.

The domains with large numbers of TXT records are also used in DNS DDoS amplification attacks. Spoofed UDP requests to domains that have a large number of TXT records are used to slam other sites. In the past I would transparently strip the TXT records when I ran public DNS recursive resolvers nobody noticed except the botters but some here may be activated. Some domains with a lot of dangling records:

    for i in $(echo "ycombinator.com 500px.com box.com ebay.com google.com hm.com lenovo.com nordstrom.com realtor.com tmz.com wired.com");do echo -en "${i}:  ";dig +short +nocookie -t TXT "${i}"|wc -l;done|sort -rn -k2
    nordstrom.com:  39
    lenovo.com:  38
    realtor.com:  36
    ebay.com:  36
    hm.com:  34
    box.com:  28
    wired.com:  27
    tmz.com:  22
    500px.com:  17
    ycombinator.com:  13
    google.com:  13

In unbound.conf:

    local-zone: ycombinator.com typetransparent
    local-data: 'ycombinator.com. TXT "[ddos redacted]"'

    dig +short +nocookie -t txt ycombinator.com
    "[ddos redacted]"

The better pattern is to use an underscore prefix like _discord-verification.domain.com

If your site allows user-created subdomains it shouldn't allow leading underscore. This is reserved somehow.