Yes, if you believe the original developers, who maintain that they've got the security aspect covered (since user-approval is required prior to granting a module the permissions it requires). I haven't seen any professional do a formal security review of XposedMod yet, but any sec-bug in XposedMod is sure to bring about a huge head-ache for everyone concerned about privacy/surveillance/etc.
