That's a reasonable concern. You can easily verify for yourself that the recovery process works, and you can audit the source code for the Android client (and build it from the audited code) to ensure that it handles the keys as advertised. If this were your typical proprietary system then I might be worried, but Muun is pretty transparent.
The biggest potential point of failure, if you installed pre-built binaries from a third party such as Google Play or the Apple App Store, is that it could be updated to a new version which leaks the wallet-side private key. Which is a potential concern with any wallet software you don't audit for yourself. Of course you're also trusting the system software provider (i.e. Google or Apple) to run the application properly, as with any software running on their respective operating systems.
Personally I trust it with funds comparable to what I would normally keep in a wallet for daily use, not a safe or a bank vault. For larger amounts, where the inconvenience of cold storage is justified, I use a hardware wallet (Trezor).
Could a scam system be made that seemed to work, be advertised, and otherwise be identical to Muun up until the point of failure?