As Quartx said, split-key address generation protects you from us being malicious or hacked.
If you order an address, there's a video explaining how to create a public/private key on your own machine. If you only send us the public key, there's no way we can do something wrong. Security of your machine is then indeed the only risk.
Thanks for the question and let us know if something isn't clear!
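Added example, not part of the original post and not the service's own code: a minimal model of split-key generation on secp256k1, showing that the searching party works only from the public key and that the final private key needs the user's secret. The `fingerprint` function (SHA-256 of the compressed public key, in hex) is an assumed stand-in for real address encoding, and all function names are hypothetical.

```python
import hashlib, secrets

# secp256k1 domain parameters; simplified model written for illustration
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(p, q):
    """Add two curve points; None is the point at infinity."""
    if p is None: return q
    if q is None: return p
    if p[0] == q[0] and (p[1] + q[1]) % P == 0:
        return None
    if p == q:
        m = 3 * p[0] * p[0] * pow(2 * p[1] % P, -1, P)
    else:
        m = (q[1] - p[1]) * pow((q[0] - p[0]) % P, -1, P)
    x = (m * m - p[0] - q[0]) % P
    return (x, (m * (p[0] - x) - p[1]) % P)

def mul(k, pt=G):
    """Double-and-add scalar multiplication."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc

def fingerprint(pt):
    """Assumed stand-in for an address: SHA-256 of the compressed key, hex."""
    data = bytes([2 + (pt[1] & 1)]) + pt[0].to_bytes(32, "big")
    return hashlib.sha256(data).hexdigest()

def service_search(user_pub, prefix):
    """Service side: sees only user_pub, returns a partial private key b."""
    b = secrets.randbelow(N - 1) + 1
    candidate = add(user_pub, mul(b))          # user_pub + b*G
    while candidate is None or not fingerprint(candidate).startswith(prefix):
        b = (b + 1) % N                        # next partial key
        candidate = add(candidate, G)          # matching public key, one addition
    return b

def user_combine(user_priv, partial):
    """User side: only the holder of user_priv can form the final key."""
    return (user_priv + partial) % N
```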