Interesting question. I don't have any references, but I always assumed that in terms of security, the advantage is reducing what an attacker might be able to do, *after* they find a vulnerability in the application. For example, it is likely harder to use "off the shelf" scripts to get a shell if you don't have a shell in the image at all. However, I don't have any "evidence" that this is true for you.
I personally find the image size to be a real advantage. It makes uploading, deploying and dynamically scaling up etc noticably faster.
Evan