There have been comments already to your question. My two cents are: if you use the consumer laptop air-gapped as a cold wallet only, that I'd consider safer than this Ledger crap.

We can't know what the black box firmware of a Ledger does or doesn't. So, you can't verify it, you can't trust it, period! Your trust level is to believe when the Ledger Paris freaks scream at you: it's all safe, trust us, bro!

This is already bad enough and reason to better stay away from Ledger. But it gets worse. This recovery subsciption abomination is activated by a software, Ledger Live, the finest piece of programming craftmanship, full of trackers, cough, cough. And come on, software on a potentially unsafe and vulnerable device can't protect itself from malware. It can't be safe!

Yes, you have to confirm it on your Ledger hardware and it seems, encrypted stuff is exchanged, certainly not too easy to exploit, but who knows. We'll know when it happened.

A malware targeting Ledger Live... what could possibly go wrong? Go figure!