Your concerns are reasonable but unfounded. The code that @nadejde has provided is opensource and can be audited on Github. It was forked from the @EOS repository that used to contain this code. You can view the commit history and see everything @nadejde did to the code. The site is hosted on Github.io pages, so you can be sure that what is in the repository is what is being served, and can verify nothing is being sent to a server by viewing the source. Only difference between EOS's code and that code is that everything but the generator was stripped out. This link was originally shared with me by @DanTheMan. I'm in the process of releasing a key validator.

Additionally, you can generate and re-register a key-pair anytime between now and the end of the ICO, which is June 1st 2018. So if at any point you feel your keys have been compromised, you can act accordingly.

Can two people have the same keypair? While not impossible, the possibilities of key-pair combinations is more than the number of electrons in the observable universe, so the likelihood is so unlikely it's not even worth doing the math. Everything in crypto is based on this form of entropy and probability, EOS keypairs are no different.