This is one of those things that involves using common sense. You should only give someone access to your cPanel if you trust them. It's also best to limit access in general. It's too easy for someone to accidentally screw something up if you have a bunch of people using the cPanel or making changes via FTP.