Well, now the common believe seems to be that it is not a backdoor. But sorry, I cannot categorically say it is, but I cannot categorically say it isn’t.
This original post was about flash encryption, and when you put together encrytion with these HCI hidden debugging commands, I might have some concerns this could be used indeed as a backdoor, even acknowledging this might not have been necessarily espressif’s intention.
There is no 100% safety, unless you keep your devices permanently off and disconnected, but then you cannot of course use them. A boat in the harbor is safe, but probably a boat was not designed to stay in the harbor…
Being pragmatic, I do not think anybody is interested in hacking my custom made ZigBee energy counter… I might have some more concerns on somebody trying to access my lighting network, but I am definetely concerned about somebody being able to open my home door.
All these would require special interest, and I am not (as far as I know 
) a person of interest, so the concern is merely academic in my case, but there are other cases.
Other than that, I do not think many of us are using firmware encryption to keep our home doors closed (I do, by the way, but again mostly out of sort-of-academic interest), and definetely not in the hunderds of devices we may be using and bought online.
So this is more a sort of mere academic discussion, at least in this forum, which does not anyway, in my understanding, lessen the value of the conversation. More on the contrary, security awareness is something that we are too much leaving aside in DiY world.