Tags: javascript, node.js, security, npm, node-modules

How can we trust npm modules?


I'm using many Node.js modules through npm package manager. Since these modules are not developed by trusted organisations, are they trustworthy?

I don't know whether the npm team is doing any security checks for each module submitted by developers.


Solution

  • NPM is not doing any checks whatsoever. They are just a registry. The whole thing is built on the trust in the dev community and sharing.

    Most node modules are open source and you can review their code in their repository (usually GitHub). So that's the best way to 'trust' them. Some node modules give you prebuilt native binaries, so that might be riskier in a way, but if it is popular (like ws for example) then I see no issue. You can also check the NPM publisher user, which sometimes is a known company like Oracle.
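As an added example, not part of the original answer, here is a small Node.js helper that applies the three checks the answer recommends to a package's registry document (the JSON that `https://registry.npmjs.org/<name>` returns): whether a repository is linked so the source can be reviewed, who the publishing users are, and whether the package builds or fetches native binaries. The sample package documents, their names and the list of native build dependencies are assumptions constructed for the example.

```javascript
// Added example, not code from the original question or answer: vet an npm
// package from its registry document for the signals the answer recommends.

// Dependencies that build or download native binaries at install time (assumed list).
const NATIVE_BUILD_DEPS = new Set([
  "node-gyp", "node-gyp-build", "prebuild-install",
  "node-pre-gyp", "@mapbox/node-pre-gyp",
]);

function vetPackage(packument) {
  const version = packument["dist-tags"] ? packument["dist-tags"].latest : undefined;
  const latest = (packument.versions && packument.versions[version]) || {};
  const findings = [];

  // 1. Is there a repository to review? Reading the source is the answer's main advice.
  const rawRepo = latest.repository;
  const repository = typeof rawRepo === "string" ? rawRepo : rawRepo && rawRepo.url;
  if (!repository) findings.push("no repository URL: source cannot be located from metadata");

  // 2. Who publishes it? These are the "publisher users" the answer mentions.
  const maintainers = (packument.maintainers || []).map((m) => m.name);
  if (maintainers.length === 0) findings.push("no maintainers listed");

  // 3. Native code: a binding.gyp (npm sets gypfile), a native build/download
  //    dependency, or a lifecycle script that runs at install time.
  const deps = Object.keys({ ...latest.dependencies, ...latest.optionalDependencies });
  const nativeDeps = deps.filter((d) => NATIVE_BUILD_DEPS.has(d));
  const installScripts = ["preinstall", "install", "postinstall"]
    .filter((s) => latest.scripts && s in latest.scripts);
  if (latest.gypfile || nativeDeps.length || installScripts.length) {
    findings.push(`native or install-time code: deps=[${nativeDeps.join(",")}] scripts=[${installScripts.join(",")}]`);
  }

  return { name: packument.name, version, repository, maintainers, findings };
}

// Constructed sample package documents (shapes mirror the registry, values are made up).
const PURE_JS = {
  name: "example-pure-js", "dist-tags": { latest: "1.2.0" },
  maintainers: [{ name: "known-maintainer" }],
  versions: { "1.2.0": { repository: { type: "git", url: "git+https://github.com/example/pure-js.git" } } },
};
const NATIVE_ADDON = {
  name: "example-native", "dist-tags": { latest: "3.0.1" },
  maintainers: [],
  versions: { "3.0.1": { gypfile: true, dependencies: { "node-gyp-build": "^4.0.0" }, scripts: { install: "node-gyp-build" } } },
};

console.log(vetPackage(PURE_JS).findings);      // []
console.log(vetPackage(NATIVE_ADDON).findings); // three findings: no repo, no maintainers, native code
```

A finding is a prompt to go and look, not a verdict: a popular native module with a linked repository and a known publisher is exactly the case the answer calls acceptable.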