with a Trezor?
Code is open source so you can investigate it yourself, it is almost identical to Trezor One code with few alterations like language change, and it exist for years that means it has been reviewed by more people.
Only difference is that you can remove SDcard but you can also add epoxy glue yourself and make it more like Coldcard and even better than original Trezor, or you can just remove and hide your SDcard.
With multiple passphrases added to your wallet it would be hard for anyone to get your coins even if he gets access to your SDcard and seed words.
There are things you can do when purchasing hardware wallets, PO boxes, alternative address and name, so that nobody would know if you purchased a wallet, but having hidden backdoors are much worse than this and you never know with closed source.