Check what permissions it needs vs. what it has. You can also use it over WiFi and then monitor network traffic at your router (there are some applications that can do this on your phone as well, OSMonitor can do it without being rooted). Make sure you let it run for standard periods and monitor connections, does it send stuff out at midnight? On Sundays? On the first of the month? Heck, it may only send stuff out on Christmas. But your best bet is to just read through the code or, even better, open source the code (assuming you have rights to it) so many people can read through it.
I don't know that there are any services that will do this for you, but then your outsourcing something that will tell you whether outsourcing stuff is safe...