These hardware wallets which are very popular among the community today; Trezor and Ledger more specifically are seen as gods gift among the community and everyone believes they are 100% safe. But, can we really trust those behind the development? Can we trust that the government haven't got their hands in things?
You don't really have to trust someone. You can verify everything by yourself because the 'important' parts of the wallets are open source
and therefore accessable by everyone who has access to the internet. To verify the hardware isn't as easy as verifying the software, but you can
still compare which chips are built-in and (theoretically) 'reproduce' it on an emulator? I mean, this second step is only for extremely paranoid people.
But this still could be an exaggerated option.
Ultimately, I would like some discussion on the safety of using hardware wallets specifically or generating/importing/exporting private keys on them.
Hardware wallets are kinda made for generating private keys (randomly).
But you shouldn't be able to import/export private keys into/from a hardware wallet. Such a private key should be looked at as compromised.
Therefore, to guarantee the integrity and confidentality of your keys they only can (and should) be generated on your HW device.