Background:
I would like to add Backtrack 5 as a "tool" in my team's toolbelt, but have to determine if there are any EULA issues and provide details about possible backdoors, trojans, etc...

Details:
This relates to Backtrack 5 - all versions (KDE, GNOME, 64bit, etc...)

Question(s):
1. Are there any EULA issues that would preclude commercial use of BT5 on an enterprise environment, i.e. is it still free or does commercial use incur a cost?
2. Is there any documentation available or anywhere I can go to determine whether BackTrack 5 is "safe," i.e. it doesn't have any backdoors, malware, trojans, etc... I know we can confirm the ISO using the MD5 hash and I am aware that some entity's in the US gov't use various versions of BackTrack, but other than that loose association, I was hoping for something more definitive.

Can anyone point me in the right direction?