Any device or software that you use to create, store and/or secure your keys has full access to your keys. Anyone's best bet against falling victim is to use open hardware and open software that can be audited and signed. This would mean even the Coinkite hardware is untrustable.