Is it possible? Sure. Is it likely? Definitely not.

Trezor is open source, so if there was something shady in the code you would hope (but can't guarantee) that someone in the community would have picked it up and publicized it. If you aren't able to examine the entire source code yourself, then this is the best you can hope for.

In terms of the "stolen" reviews - do any of them actually provide any details? It is easy for a competitor to post fake reviews, and we've also seen countless users on this forum make posts blaming their hardware wallet for the funds being stolen, and it almost always turns out to be a mistake the user has made instead (such as storing their seed phrase in their emails). I wouldn't pick a Trezor device for many reasons, their anti-privacy and pro-censorship stance being the main one, but I also doubt any of these "stolen" reviews are true.