Great questions.

On (1): the phone can't modify information signed by the hardware, it just forwards it to the server. Bitkey hardware ships with a key (not the one used for signing transactions) that can be used to sign messages and which Bitkey servers can verify. If a compromised phone attempts to modify what the hardware has signed, the server would know they've been tampered with and would be able to surface that to the user via a channel like email.

On (2): if the Bitkey servers that communicate the addresses or transaction details to you in the proposed solution were compromised, what they show/send you wouldn't match your phone's screen.