The wallets can have a malicious random number generator.
There are several ways to be malicious. Typically random number generators are considered malicious when they are
somehow predictable, so if you use them someone else can guess your “random number”.
But that doesn’t seem like what your plan protects you from.
What you verify with your procedure is that your hardware wallet do not give you a different seed (when you do the initial setup or ask to export it) from the one it used to generate the private keys and related addresses, that it uses when you receive or send funds with him.
In this meaning, the seed (from which private and public keys are derived in HD wallets) would not be yours but belong only to your hardware wallet: you can receive and send using the device, but if you import the seed elsewhere there are no associated funds, because it’s different from the one used by Trezor.
However I have never heard of such a problem on any hardware wallet.
The wallets can generate address for keys that are not mine
This don’t make sense to me, public addresses are derived from private keys, so the wallet need to have the private
keys to generate addresses … i’m not sure what you mean.
Furthermore, you can’t verify that you are the sole owner of a seed or a private key, the most you can do is make
sure that this does not leak out, but if somehow someone manages to copy, predict or generate it randomly, you can’t
notice until the money goes away.
So, all things considered, I think you can avoid having to verify the seeds that your wallets give you, because this
adds practically nothing to the security you already have using multisig addresses with 2 hardware wallets evaluated
as Trezor and Coldwallet, that are already heavily scrutinized, as you can see here for example.
PS: I know that if the trezor has a malicious random number generator and it creates a private key that not only myself own, this is a privacy leak, but not a problem. And it’s a privacy leak only when I spend from this address, revealing the public key on the blockchain.
I’m not aware of troubles with Trezor rng (have you any reference for this?), but if your private keys are leaked you will lose your funds almost istantly, there is no need to wait you spend, as said before, public key and addresses derive from private key, so if you have this you don’t need anything else
