I have to agree with you that the help file is somewhat meager. The next release of Hotkeys will have a better help file (I'm rebuilding it from the ground up).
As to security: everything that is 'sendkeyed' is stored plain in the HKD file. It is also visible on the screen. The next release of Hotkeys will add a 'masking' capability for the Sendkeys text entry field, but this is still not secure.
Maybe adding a password to get into the application and encrypting the HKD file may help in making it more secure, but up until now I haven't given it much thought (noone ever asked for it before). Besides, there's always the issue of how safe encryption is (especially if you distribute the source-code of the program).
If you (or any else) have suggestions, please don't hesitate to share them with me.