I found an old post on Reddit by @matejcik about how to perform this. Can you explain what commands can be used to do this with the latest trezorctl?
Original post:
there’s a (very geeky) way around this:
using the command-line trezorctl tool, you can both (a) see the entropy that is sent from your PC, and (b) tell Trezor to display the entropy it’s using internally.
You can combine these two pieces of data in a script and generate a seed on your PC. Then you can verify that it’s the same seed that Trezor gave you. If it is, and if it generates the right addresses (as verified with the iancoleman website), then you’re sure that the entropy sent from your PC is being used.
So even if the entropy from the built-in RNG was bad, the attacker doesn’t know the PC part and so still can’t get at your seed.
Do this process several times in a row to be sure, then wipe one last time and set up a new seed for real.
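The "combine these two pieces of data in a script" step from the quoted post, as an added example that is not part of the original post or Trezor's own code. It assumes a BIP-39 backup and that the device mixes the two values as SHA-256(internal || external) truncated to the seed strength, which should be confirmed against the firmware source for your model; the function names and sample bytes are made up for illustration, and the 2048-word English list is loaded by the caller rather than embedded.

```python
import hashlib


def combine_entropy(internal: bytes, external: bytes, strength_bits: int = 256) -> bytes:
    """ASSUMED mixing rule: SHA-256(internal || external), truncated to the strength."""
    if strength_bits not in (128, 192, 256):
        raise ValueError("strength must be 128, 192 or 256 bits")
    return hashlib.sha256(internal + external).digest()[: strength_bits // 8]


def bip39_indices(entropy: bytes) -> list:
    """Standard BIP-39 encoding: entropy || checksum, split into 11-bit word indices."""
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("entropy must be 16, 20, 24, 28 or 32 bytes")
    ent_bits = len(entropy) * 8
    cs_bits = ent_bits // 32  # one checksum bit per 32 bits of entropy
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    value = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11
    return [(value >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]


def mnemonic(entropy: bytes, wordlist: list) -> str:
    """Map indices to words; wordlist is the 2048-line BIP-39 English list."""
    if len(wordlist) != 2048:
        raise ValueError("expected the 2048-word BIP-39 list")
    return " ".join(wordlist[i] for i in bip39_indices(entropy))


if __name__ == "__main__":
    # Constructed sample values; replace with the entropy shown on the device
    # and the entropy your PC sent during setup.
    internal = bytes.fromhex("11" * 32)
    external = bytes.fromhex("22" * 32)
    seed_entropy = combine_entropy(internal, external, 256)
    # Compare word by word with the seed the device displayed.
    print(bip39_indices(seed_entropy))
```

Run this on an offline machine and only with throwaway seeds, since the entropy printed here fully determines the wallet.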