Do you feel ok opening up a project to remote freelancers? What precaution(s) do you take?

I'm not in such a situation, but my first thought would be: Use pullrequests with reviews. Or at least lock master/develop branch and make sure to prevent ci/di from running any deployments without permission

_divide et impera_

Split your project into separate subprojects. Define a proper contract layer so you could hand nothing but interfaces to those freelancers and let them do the work. After all that's all one needs to build a module.

If you're giving access to an already built module, do use pull requests as Alex has already pointed out.

And again. Make sure all your subprojects have a very clear separation, so in case your code is leaked it would be only a single piece of a puzzle that gets out.

Pull requests are nice safeguards.