What is possible outcome of Kee's owner hacking?

One thing that makes me feel uneasy about using Kee, is that FF does automatic updates of addons and this particular addon requires many permissions to work.

Am I right, if someone hacks luckyrat (Kee’s owner and maintainer) he can upload malicious version of addon which is going to steal all the passwords in database?

Are there security measurements that could help avoid such situation?

You can disable automatic updates for any firefox extension by going to its options page.