I have it rooted, and IMHO besides mycellium is a terrific android wallet, it never will be as secure as a trezor. Externals to mycellium bugs, (as android random number generator, or others added by 3letters agencies) could expose private keys. A cold wallet always be securer than a hot one (if your priv key is not there it cannot be exposed or stolen).
You know how you hook up your secure Trezor to an insecure PC, and they keys are still safe? ARM processors in all new Android devices have something called a TrustZone, which is a portion of a CPU, memory, input, and screen processor where you can run things completely separated from the rest of Android, in the same way that a Trezor runs separate from the PC it's plugged into. Making Mycelium Wallet use TrustZone to store its private keys and do the signing will make it as secure as a Trezor. We could probably do our RNG for private keys in there too (or use Entropy as a seed). Only barrier to it now is that, although ARM came out with it, no one bothered to write drivers for it, and by default it is disabled in Android. There is a company that is working on getting drivers and software modules for it, but they likely won't be done for a long while. If they do get it done, we will very likely implement it in our wallet, and then can be just as good as Trezor.
except you are planning your own cold wallet (kind of bither...) which you could install in a offline PC (the "cold" mycellium who signs tx) and use the online mycelliun as a only watch wallet to send unsigned tx to the cold one) ¿Do you have any secret roadmap to share??? 
With HD wallet implementation that's possible, but I think we'll be focusing on finishing HD, adding CoinJoin, and then things like BIP70 and another very huge project after that, so I don't know if we'll have time...