I would like to add Backtrack 5 as a "tool" in my team's toolbelt, but have to determine if there are any EULA issues and provide details about possible backdoors, trojans, etc...

This relates to Backtrack 5 - all versions (KDE, GNOME, 64bit, etc...)

1. Are there any EULA issues that would preclude commercial use of BT5 on an enterprise environment, i.e. is it still free or does commercial use incur a cost?
2. Is there any documentation available or anywhere I can go to determine whether BackTrack 5 is "safe," i.e. it doesn't have any backdoors, malware, trojans, etc... I know we can confirm the ISO using the MD5 hash and I am aware that some entity's in the US gov't use various versions of BackTrack, but other than that loose association, I was hoping for something more definitive.

Can anyone point me in the right direction?