Not only is it possible for configure or make scripts to install malicious code at compile time, but the compiler or build tools could be modified to inject a backdoor or other malicious code into the compiled binaries. That is, even though the code you're building appears clean, the build tools could 'go rogue' and introduce malicious code.

This concept of malicious compilers was famously presented by a paper titled 'Reflections on Trusting Trust'[1]. Recently, malware was discovered in iOS apps that was injected using this technique by attacking developers' compilers (Xcode) [2].

bottom line: Unless you've written or reviewed every line of code from the project you're building, the tools your using to build it, and the OS/firmware you're building it on, you can't fully trust it.

[1] https://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf

[2] http://researchcenter.paloaltonetworks.com/2015/09/novel-malware-xcodeghost-modifies-xcode-infects-apple-ios-apps-and-hits-app-store/