I think this is the only architectural explanation and it leaves open many questions (of course anyone can read the code but that's more involved than reading a thorough specification):
https://blog.muun.com/muuns-multisig-model/
They claim self-custody a lot, but that all revolves around giving you access to your seed words and private keys. A private key which was used to create and fund a LN channel, doesn't immediately give you back your (LN) funds, if the channel is still open. This means if you delete the app and want to recover funds via seed words, it's not as trivial as when recovering a pure on-chain wallet. You'll need to wait for the channels to force-close due to your client being inactive for too long or so, which also costs more in fees and takes time.
They built a tool (https://github.com/muun/recovery) that I think uses your private key to close all channels and transfer all funds to an on-chain address, and I think this recovery is aided by the fact that - as I mentioned - the majority of your funds are on-chain anyway when using Muun. Hence my recommendation, not to call it a Lightning wallet.
So yeah, it's self-custodial, I never said it wasn't, but the control is way more limited than what I'm used to from Breez, which is a complete full-fledged and fully-functional lightning instance in an app. This gives users more 'custodiality' in a way, that they have more control, right from the app itself, without having to go through a wallet restore process in case of a problem.
The biggest issue for me though, is that not all funds are on LN and that really sucks
Receiving from Bitcoin addresses and sending to them, works perfectly fine on the other 2 mentioned and recommended 'pure-LN' wallets, through the use of submarine swap providers like boltz.exchange.