What attacks does trusting someone else's full node enable? Obviously there are block withholding attacks, but would it be possible to provide blocks that are selectively missing transactions or forge payments?

I'm trying to understand what checks are happening in lightning (e.g. checking signatures on transactions?) and what are assumed to have happened in the full node.

I'm not asking as a criticism of the design choice. I just want to know who would want to go through the work of setting up a full node versus just rocking a lightning node by itself (and using other people's full nodes).

If you have a software architecture diagram of Alby that you can link me to, that might address a lot ofv my questions.