Probably not the best idea if your VPN uses any sort of client software, seeing as it would be able to collect your "true" IP address if it were malicious.
Openvpn is unlikely to be malicious, and is opensource so you could theoretically audit it. And if you're _really_ paranoid, it's an open protocol, so you could write your own implementation. Although, then it's likely vulnerable -- there's a principle, I forget who from, which states that for any piece of software of sufficient complexity, if you wrote it yourself then you probably made a mistake and it's vulnerable; and if you didn't write it, then even if you read the entire source code very carefully, it's still possible, likely even, that they snuck in an exploit that you didn't notice.
