Regarding Hardenize/CSP, we have a clear disclaimer that states that all boxes must be green in order to be considered passing (as you mentioned).
We recently obtained access to the Hardenize/Redsift API so that we can programmatically automate these badges/updates. We’re waiting on answers to a few questions before we can automate the badges/results (and could even accurately share then in an automated way which tests are red/green/greyed out, e.g. CSP) so as to better reflect the comparisons.
If there is better verbiage for the E2EE comparisons, or anything else, we are more than glad to accept a pull request. Please submit your pull requests by going to config/alternatives.js in our GitHub repo. For example, here is a link to where we list Proton Mail data/text https://github.com/forwardemail/forwardemail.net/blob/0e8939c5590fd3b9c87d9d54ba854fb47631ce1b/config/alternatives.js#L1582. We are more than happy to make edits.
Yes we’ve had quite a few users post false content on Trust Pilot. For example, there’s one user that claims we don’t list an email address or any way to reach us for help on our site… when in fact there’s clearly links to Help section, FAQ, and our email address (as well as GPG key for our email). Trust Pilot refused to take this down, even though we showed them screenshots. So it’s a constant battle there, but we do our best.