As a security measure, WordPress includes these index.php files to account for hosts that by default enable directory browsing.
Including them makes sure that no one can see the list of files in that directory, which could let them know what plugins or versions you are running and thus give them some things to try to hack your site.
As long as you don’t have directory listings enabled, they are safe to delete (although there’s probably no reason to delete them).