What bad can happen if I disable $sce service completely?
angular.module('app').config(function ($sceProvider) {
    // Turns off strict contextual escaping for the whole application
    $sceProvider.enabled(false);
});
You should only disable SCE if you are 100% sure all application bindings (HTML, URL...) are safe. For example, if the application always sanitizes user inputs either on the server or client before rendering then the additional ceremony enforced by SCE may not be necessary.
However, it's very rare that you can be 100% positive that all values are safe, especially when the application grows large and is coded by many developers. Enabling SCE enforces that only values explicitly marked as trusted using one of the $sce.trustAsXXX methods can be used by the application.
For example, if you use ngBindHtml to render some HTML, AngularJS will throw an error unless the scope variable assigned to ngBindHtml is wrapped with $sce.trustAsHtml. Similar enforcement happens when you set templateUrl of a route or directive. This makes the application more secure by failing fast, giving you a chance to audit each place where the error occurs and decide whether to trust or fix it.
One final note: if you include ngSanitize or implement a $sanitize service, then you don't need to disable SCE to use untrusted HTML values, as AngularJS will just sanitize the untrusted inputs using the $sanitize service. Similarly, if a template URL shares the origin with the application, there's no need to explicitly wrap it.
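The behaviour the answer describes, as an added example that is not part of the original answer and not AngularJS's own code: a simplified model of $sce.getTrusted with the trustAs* wrappers, the $sanitize fallback for HTML, the same-origin exemption for template URLs, and the weak setting where enforcement is disabled. makeSce, TrustedValue, tinySanitize and renderBinding are assumed names for this model; the app origin and the HTML snippets are constructed sample values.

```javascript
// Added example: a simplified model of AngularJS strict contextual escaping (SCE).
// Not the framework's implementation; it only mirrors the rules the answer describes.
class TrustedValue {
  constructor(type, value) { this.type = type; this.value = value; }
}

// Builds a $sce-like object. `enabled: false` models $sceProvider.enabled(false);
// `sanitize` models an installed $sanitize service; `appOrigin` is a constructed origin.
function makeSce({ enabled = true, sanitize = null, appOrigin = 'https://app.example' } = {}) {
  return {
    trustAsHtml: (v) => new TrustedValue('html', v),
    trustAsResourceUrl: (v) => new TrustedValue('resourceUrl', v),
    // Like $sce.getTrusted(type, value): hands back a plain string only when the value
    // was explicitly trusted for this context, sanitized, or a same-origin resource URL.
    getTrusted(type, value) {
      if (!enabled) return value instanceof TrustedValue ? value.value : value; // weak: anything renders
      if (value instanceof TrustedValue) {
        if (value.type === type) return value.value;
        throw new Error(`[$sce:unsafe] value trusted as ${value.type}, used as ${type}`);
      }
      if (type === 'html' && sanitize) return sanitize(String(value));
      if (type === 'resourceUrl' && new URL(value, appOrigin).origin === appOrigin) return String(value);
      throw new Error(`[$sce:unsafe] attempting to use an unsafe value in a safe context (${type})`);
    },
  };
}

// Deliberately tiny stand-in for ngSanitize: keeps a short tag allow-list, strips all attributes
// and every other tag (a real sanitizer is far more thorough).
function tinySanitize(html) {
  const allowed = new Set(['b', 'i', 'em', 'strong', 'p']);
  return html.replace(/<\/?([a-zA-Z0-9]+)[^>]*>/g, (tag, name) =>
    allowed.has(name.toLowerCase()) ? `<${tag[1] === '/' ? '/' : ''}${name.toLowerCase()}>` : '');
}

// What a directive such as ngBindHtml (type 'html') or a templateUrl loader
// (type 'resourceUrl') does with a scope value: render it, or fail fast with the error.
function renderBinding(sce, type, value) {
  try { return { ok: true, output: sce.getTrusted(type, value) }; }
  catch (e) { return { ok: false, error: e.message }; }
}

// Stand-alone demo of the three configurations on a constructed untrusted snippet.
const untrusted = '<b onclick="x()">hi</b><script>alert(1)</script>';
console.log(renderBinding(makeSce(), 'html', untrusted));                          // fails fast
console.log(renderBinding(makeSce({ enabled: false }), 'html', untrusted));        // renders as-is
console.log(renderBinding(makeSce({ sanitize: tinySanitize }), 'html', untrusted)); // sanitized
```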