That's my point exactly. Why would it be compromised unless you placed some degree of trust in it. Let's be honest, the only reason this is a thing is because you generally have to trust the firmware running on a lot of these devices - Most people don't verify it, and some devices even don't let you verify it, and to my knowledge most aren't even reproducible. Hence, trust.

The bitcoin isn't in the device. Technically speaking, the safest device is no device at all.