Projects are accessible only to yourself, unless they are shared. Sharing has multiple levels of capabilities, described in access levels
All credentials used for creating connections to different services are stored securely. We encrypt your credentials in cold storage and only decrypt them when creating the cloud resource you are executing with.
However, the credentials for all connection types apart from S3 buckets are accessible as environment variables (so
print (os.environ) reveals them). You should make sure that you only share the project to the people you would trust with connection details.