The URL itself is not a security risk, and a mod rewrite wouldn't eliminate a security risk if one did exist.
The security risk is if you use the $_GET variable directly in a SQL statement or displayed on the page without scrubbing it to prevent malicious content from being introduced.