1. All new packages are processed through a central server from trusted sources and verified before they are uploaded to the repos.
2. The repos are secured via md5sums through the package lists. If you try to replace an rpm in the repo, the md5sum would not match the package list and error out. While someone might also be able to replace a package list on a server, it would get corrected in less than 12 hours due to the repos being dynamic instead of static.
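The md5sum check described in point 2, as an added example (not the repo tooling itself): it assumes the package list is in `md5sum`-style "digest  filename" format, hashes every listed rpm in a repo directory, and reports any package whose digest no longer matches, is missing, or is not listed at all. The `demo()` builds a constructed repo where one rpm was swapped after the list was generated.

```python
import hashlib
import os
import tempfile


def md5_of_file(path, chunk_size=65536):
    """Stream a file through MD5 so large rpms do not need to fit in memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def parse_package_list(text):
    """Parse assumed 'md5sum  filename' lines into {filename: digest}."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, name = line.split(None, 1)
        entries[name] = digest.lower()
    return entries


def verify_repo(repo_dir, package_list_text):
    """Return {filename: 'ok' | 'mismatch' | 'missing' | 'unlisted'}."""
    expected = parse_package_list(package_list_text)
    results = {}
    for name, digest in expected.items():
        path = os.path.join(repo_dir, name)
        if not os.path.isfile(path):
            results[name] = "missing"          # listed but gone from the repo
        elif md5_of_file(path) != digest:
            results[name] = "mismatch"         # replaced after the list was built
        else:
            results[name] = "ok"
    for name in os.listdir(repo_dir):
        if name.endswith(".rpm") and name not in expected:
            results[name] = "unlisted"         # dropped in without a list entry
    return results


def demo():
    """Constructed repo: one intact rpm, one swapped after the list was published."""
    files = {"good-1.0.rpm": b"intact payload (constructed)",
             "swapped-2.0.rpm": b"original payload (constructed)"}
    with tempfile.TemporaryDirectory() as repo:
        for name, data in files.items():
            with open(os.path.join(repo, name), "wb") as f:
                f.write(data)
        listing = "\n".join(f"{hashlib.md5(d).hexdigest()}  {n}" for n, d in files.items())
        with open(os.path.join(repo, "swapped-2.0.rpm"), "wb") as f:
            f.write(b"tampered payload (constructed)")  # replaced post-listing
        return verify_repo(repo, listing)
```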