iirc the intel management engine can be disabled through some weird fuckery, not sure if the same can be done for amd’s equivalent. if you custom flash a bios and run an open source os compiled by a trusted source, i think you got most potential backdoors covered (although the cpu microcode might still be an issue).
there’s a video by jonas čeika that’s worth checking out, on how the simpsons became a copy without an original