Most password managers are not heavily audited. Random third parties look at them and occasionally find things, but that's not the same thing as the development team bringing an auditing team in and giving them access to all the source repositories and documentation.