Two options, basically
I see basically two options for yeewiz:
1) He trusts some carefully selected external party or several external parties (app author, server operator) and uses their apps and/or web services.
2) He writes his app himself.
What I do not see is any third option where somehow he could, with absolute certainty, decide who he can trust and who not. That problem of trust is a problem that has no solution, and I personally have learned in my live to move on as soon as I discover that a particular problem has no solution.
By the way, option 2) isn't nearly as daunting as it may seem first. Developing for WP7 is easy, at least compared to other smartphone platforms, and there are tons of code samples on the Internet. So, for somebody who really values security, it might be ok to learn programming and build his own apps - just to be sure.
Update: Thinking about it some more, I think I found an option 2b): yeewiz learns just enough about WP7 programming to be able to read and understand C# code, and then finds somebody that writes the app for him and delivers it in source code so that he can check the source code himself before compiling it into an app.