Back to Chipmixer, to my knowledge so far no claims have been made with regards to users being (selective) scammed and that is a great thing for reputation sake but would a third party independent external auditor checking things over and giving their verdict be enough to reassure those that are not convinced about its effectiveness for anonymity?
Well, sure, but i think that the point is that that's impossible. Let's suppose an auditor checks Chipmixer's infrastructure- and then gives "the green light"; Chipmixer could, if they wanted to, simply change some of the source code. Any of the current mixers could.
But also, for logging transactions, with mixers being in the current form they are; they wouldn't even need to change any code/have any "malicious code". there would be a multitude of ways to log transactions, and still pass an "audit" at the same time.
Thus, it all comes down to pure trust.
That issue of pure trust you refer to (as in just trusting a project or a person) based on available evidence and gut-feeling, it varies from person to person. Maybe there will never be a universal position on this as it stands but if the day comes where there was ever a major breach or major scam which resulted in losses for either the mixer or the end user then it might be the catalyst to kick start an overhaul of how mixers work.