Of course, using TinyShell like SSH brings up some safety issues, here are some answers.
MySQL users
If you are only looking for TinyShell to access your MySQL database, you can safely remove all plugins but Login and MySQL. Furthermore you should set your MySQL connection login information as the default in the TinyShell configuration, to prevent sending this information on a non-secure connection.
Webserver configuration
It is recommended to run the webserver as a user with no rights on the system, or disable all harmful plugins, if you are not on a secure connection.
Safe browsing
To be as safe as possible, you should run TinyShell only from a secure connection like HTTPS, if possible. This will make it almost impossible for anyone to steal your session and gain access to your server.
Login procedure
When you open the TinyShell website you are prompted to provide username and password, like you do when you connect to an SSH server. The login procedure is safe, since no information about your username or password is sent to the server, since a zero-knowledge algorithm is used. Basically, when you type in a password, TinyShell requests a ticket from the server, that can only be used one time. Then a double SHA1 hash of your username and password, salted with the ticket, is calculated on your computer. Then the server calculates the same hash and uses this to verify username and password. If login was successful, your remote IP and your browsers user agent string is stored in a session on the server. If one these variables have changed on a server request, the session is deleted on the server. This is done to prevent an attacker from stealing your session.