So then I am trying to ascertain the consensus of the group here. Are we saying that if a user is looking directly at their Trezor and confirms the BTC address is perfectly correct on the display, that the transaction can ONLY go to that displayed address? When I read about many "high end" hacks it causes me to wonder if somehow the software could pull a switch address a nano-second after I confirm on my Trezors. I am just trying to think out of the box here. I have been using Trezors since early on with the T1 and several T's as well. I triple check the display and have never had any issues at all.
Expect the Trezor was purchased from an untrusted source or the computer is compromised. Possibly there have been a random download from the web that could contain some malware but otherwise if I carefully crosscheck the address and everything is perfectly correct I should relax and wait for confirmation on the network.
Though on rare occasion do we have issues of bugs or outdated firmware. So I might not consider this but it's still nice to always check the version and also check for updates to completely stay safe.