This is kind of a chicken and the egg problem.
Your system needs to know certain info to use the cloud drive, so that info (or the means to get that info) needs to be stored locally somehow. There is really no way to both let the system have access (directly or indirectly) and also not store the secrets that risk being stolen if the system is compromised.
Unless of course you want to type in a password and effectively "store a key in your mind". Or on a USB, or piece of paper or whatever. rclone has a function that lets you do this. It can just be a hassle to deal with as you generally want stuff like this to run automatically and not require a bunch of passwords each time they start.
The options really are - either to store a critical piece of information (such as the key to decode the config) outside the system as I mentioned.
Use some scripting to obfuscate as much as possible - preferably in a non-standard way. Obfuscation can always be defeated, but if it's not handled in a standard way it is usually enough to discourage it from being picked up. Very rarely are you as an individual personally targeted after all, and that just makes it not worth the effort to scour every byte of data for hidden secrets. Most intrusions rely on automation and a wide spread - so if it can't just pick up the obfuscated password easily in the standard place it's likely to save you from disaster. @asdffdsa is kind of paranoid about this and uses some elaborate obfuscation on his setup. If this is the route you want to go - you might drop him a PM and ask him to share some techniques and script-bits.
Personally I think that so far rclone is not large-scale enough to really be a target yet. I have yet to hear about any malware that targets or is aware of rclone directly. I think the worst threat is probably just that something like ransomware might affect mounted drives (like any other hard drives). This can be recovered via the trash-systems that most backends use though - or via rclone's --backup-dir and keeping this location outside what you mount.
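
Added example, not part of the original post: one way to keep the key for an encrypted rclone config outside the system, by reading it from a file on removable media and handing it to rclone through the `RCLONE_CONFIG_PASS` environment variable for a single run. The key file path, remote name and directories are assumptions, and the helper names `read_config_pass` and `run_rclone` are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: rclone config password kept on removable media.
# KEY_FILE, the remote name and the directories are assumptions.

KEY_FILE="${KEY_FILE:-/media/usbkey/rclone.pass}"   # hypothetical mount point

# Print the config password only if the key file exists, is a regular
# file (not a symlink) and is not readable by group or others.
# Note: FAT-formatted sticks report mount-wide modes, so this check then
# depends on the mount options rather than on the file itself.
read_config_pass() {
    local f="$1" mode
    [ -f "$f" ] && [ ! -L "$f" ] || { echo "key file missing: $f" >&2; return 1; }
    # GNU stat first, BSD/macOS stat as fallback.
    mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f") || return 1
    case "$mode" in
        400|600) ;;
        *) echo "refusing key file with mode $mode (want 600 or 400)" >&2; return 1 ;;
    esac
    # First line only; drop a trailing CR if the file was written on Windows.
    head -n 1 "$f" | tr -d '\r'
}

# Run rclone with the password in the environment of that one process,
# so the password is never written to the host's disk. If the stick is
# unplugged, the job fails instead of prompting.
run_rclone() {
    local pass
    pass=$(read_config_pass "$KEY_FILE") || return 1
    [ -n "$pass" ] || { echo "empty password in $KEY_FILE" >&2; return 1; }
    RCLONE_CONFIG_PASS="$pass" rclone "$@"
}

# Example invocation (remote and paths are placeholders):
#   run_rclone sync /home/me/docs remote:docs --backup-dir remote:archive
```

While rclone is running, the variable is visible to the same user and to root through the process environment, so this protects the config at rest rather than on a host that is already compromised.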