[coldtea]

As I said, "You can easily verify that it behaves correctly with common network tools".

Track its behavior from an exit node of your network and see whether it matches your rules.

Not really much difference than manually checking some tens of thousands of lines of an open source application, or trusting that the binary you got from the repo corresponds to the source (and of course even hashes can be tampered).

Plus, even if it chose "to not show a specific application making requests" you'd still be blocking all others apps, and thus way better off than not having it installed.