Secure deploy of a meteor app


OK, I wish to dive into Meteor dev. Because I need to dev with 3rd party APIs that need secure keys, I need an https site, so I will install the force ssl package.
If I deploy to meteor deploy free service:

  1. Is behind the scene upload secure? (if not, is there a way to make it secure?)
    (such as if I need to include private keys for 3rd party APIs such a AWS, Paypal, etc)
  2. Is it secure enough so nobody else can hack my code?
    (So, no problem putting private keys for experimenting AWS file upload, that needs anyway a key that could be used by hackers for their own use that would be invoiced to me; in this case, there is not concept of 2 keys (dev key and prod key) as with payment processors).