python, bots, reddit, praw

Reddit Python Bot, why is it unsafe to store login credentials in the script?


I'm following along this tutorial: http://pythonforengineers.com/build-a-reddit-bot-part-1/ and in the Create Reddit App subsection it states that I should not have any login credentials directly in the script, because 'others might see them'.

Now, you need to update your praw ini file to remember these settings. Otherwise, you’ll have to put them in your script and that's dangerous (as others might see them).

Does my script get uploaded to Reddit, where it can then be read by other people? If not, why is it then unsafe?


Solution

  • If you're only developing this bot as a proof of concept and always running it from the computer that you're developing it on, there is little risk that your credentials will be leaked. However, most code doesn't live its life as only one copy on only one system. The vast majority of modern software development best practices are based around the assumption that different computers will develop the code, store versions of the code and actually run the code.

    If you hard code your login credentials in your login script and are only running it from your computer, this isn't going to be an issue. What if you need help debugging your bot? What if you're really proud of it and want to show it off? What if you want to store a backup on another system? What if you don't want to have it running on the same computer you developed it on? Suddenly code containing your login credentials is getting shared across multiple computers. The more systems your code is on, the easier it will be for someone to get access to them. This is why it's a software development best practice to not hard code secrets, like login credentials, in scripts or code.

    In the case of the tutorial you're following, they're instructing you to run your code on a VM and use git for source control. As soon as you commit your credentials into git they will always be a part of that repository's git history. If you ever host your repos on a remote system such as GitHub, your credentials will be stored on a system outside your control.
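The two halves of the answer above in working Python, as an added example that is not part of the original answer, the tutorial, or PRAW itself: reading the credentials from a praw.ini-style file (or the environment) so the script never contains them, and a small check you can run over a script before committing or sharing it to catch credential string literals. The praw.ini keys (client_id, client_secret, username, password, user_agent) are the ones PRAW reads; the section name "bot1", the REDDIT_* environment variable names and the sample scripts are this example's own constructed choices.

```python
"""Added example (not part of the original answer or of PRAW itself):
keep Reddit credentials out of the script, and check a script for
hard-coded ones before sharing or committing it.

Assumptions: the praw.ini section name "bot1" and the REDDIT_* environment
variable names are this example's own choices; the praw.ini keys are the
ones PRAW reads.
"""
import configparser
import os
import re
from typing import Dict, List, Optional, Tuple

PRAW_KEYS = ("client_id", "client_secret", "username", "password", "user_agent")

# Constructed praw.ini content, embedded so the example runs offline.
# In real use this lives in a praw.ini file that is kept out of git.
SAMPLE_PRAW_INI = """
[bot1]
client_id = example-client-id
client_secret = example-client-secret
username = example_bot
password = example-password
user_agent = example bot v0.1 (constructed sample)
"""


def load_credentials(ini_text: str, section: str = "bot1",
                     env: Optional[Dict[str, str]] = None) -> Dict[str, str]:
    """Read praw.ini-style credentials, letting environment variables override.

    The script itself never holds the values: they come from an ini file
    kept out of version control, or from the process environment.
    """
    env = os.environ if env is None else env
    parser = configparser.ConfigParser()
    parser.read_string(ini_text)
    creds = {}
    for key in PRAW_KEYS:
        env_name = "REDDIT_" + key.upper()  # assumed naming, not a PRAW convention
        value = env.get(env_name) or parser.get(section, key, fallback=None)
        if value is None:
            raise KeyError(f"missing credential: {key}")
        creds[key] = value
    return creds


# A string literal assigned to a credential-looking name, e.g.
#   password = "hunter2"   or   client_secret='abc'
SECRET_ASSIGNMENT = re.compile(
    r"""^\s*(?P<name>\w*(?:password|secret|client_id|token)\w*)\s*=\s*["'][^"']+["']""",
    re.IGNORECASE,
)


def find_hardcoded_credentials(source: str) -> List[Tuple[int, str]]:
    """Return (line number, variable name) for each credential literal in source.

    A lightweight pre-commit style check: it flags string literals assigned
    to names that look like credentials, which is exactly what ends up in
    git history if committed.
    """
    hits = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        match = SECRET_ASSIGNMENT.match(line)
        if match:
            hits.append((lineno, match.group("name")))
    return hits


# Constructed snippet in the style the tutorial warns against.
UNSAFE_SCRIPT = """import praw
username = "example_bot"
password = "example-password"
client_id = "example-client-id"
client_secret = "example-client-secret"
reddit = praw.Reddit(username=username, password=password)
"""

# Constructed snippet in the style the tutorial recommends: the script only
# names the praw.ini section, the values live outside it.
SAFE_SCRIPT = """import praw
reddit = praw.Reddit("bot1")
"""

if __name__ == "__main__":
    creds = load_credentials(SAMPLE_PRAW_INI, env={})
    print("loaded credentials for user:", creds["username"])
    print("unsafe script hits:", find_hardcoded_credentials(UNSAFE_SCRIPT))
    print("safe script hits:", find_hardcoded_credentials(SAFE_SCRIPT))
```

The check is deliberately simple (it only looks at literal assignments to names containing password, secret, client_id or token), so treat it as a quick local gate rather than a substitute for a proper secret scanner; the point is that the praw.ini approach leaves the scanner nothing to find in the script.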