That feature is basically the same as 2-of-2 or passphrases, and the problems with 2-of-2 have been pretty well documented by now.

I did my own research and architecturally it is significantly flawed. There are many weak points where you could be getting a backdoored device. The used secure elements are weak and outdated.

“Don’t trust, verify” goes much deeper than reading some marketing claims about “ultra secure” from the vendor and I see too many people falling for it. New Trezor for example is “quantum ready” but any device within the last 15 years is as well.

Personally I’d recommend something like a SeedSigner with a proper multisig and a BitBox maybe.