Provided your nsec is not transmitted by a nostr client and all message signing is client-side, the private key should be safe. The operative word, of course, is should.