trezor signs the transaction, and sends the signed tx back to your computer
you broadcast it.
using an airgapped computer means you are putting a lot of faith into the rng. Trezor allows you to select your own pin & passphrase on top of the 256bit private key.
saying that you wouldnt trust more than 10 btc into trezor, but believe that airgapping a computer solely for wallet generation of btc over 10 is laughable. I mean, do you seriously believe that an offline version of bitaddress.org is safer than trezor?
This is a bit offtopic but i`ll respond.
First of all bitaddress.org i dont know what RNG they use but i heard that it sucks. Secondly there are cryptographic pseurodrandom number generators that will generate CRNG numbers, even if the seed is generated with a compromized generator, but the individual number is not known.
So basically if I got a compromized RNG, and i generate this 2903428905890289035801902902903529038172890318341093980189201890 (secret but flawed) number, then running a CRNG algo on it, could generate a perfectly secure K variable, to send transaction from my address.
Besides if I`d have 100 BTC offline I`d use the address once, so no leak will happen there.
So it is safer than trezor!