So glad that someone else has brought this to light.

hardware wallets that require a third party to initialize are not permissionless devices and go completely against the ethos of Bitcoin.

ColdCard, SeedSigner, BitBox, Specter, and Passport are the only HWW devices that don't require third party permission to set up.

Trezor, Ledger, and KeepKey are all permission'd systems that might even store a copy of your xPub key. I know for a fact that KeepKey does have your xPub.