This is based on having spent a year reverse engineering the platform to port Linux to it.

Granted, Apple could've added a hidden secret core with secret firmware we haven't found anywhere, somehow. Of course, so could every other manufacturer. If you are concerned about all potential secret backdoors, you'll have to invest in a chip fab and make your own chips; there is no way to prove that the chip you have in your hands is not uniquely backdoored, no matter what documentation you have or not. Documentation cannot prove that the physical chip matches what was documented.

What I can say is they've done a really good job keeping tight security boundaries in their chips, much better than basically every other manufacturer, by all appearances. What I meant by "secret" in my previous comment was a difficult to observe core with full system access running proprietary code, a la ME or PSP; not literally something that is deliberately hidden so as to be completely undiscoverable. So far, there is no evidence of Apple having added any questionable hardware to these chips.