Certainly not, but there's more goals than singular security from government agents at all cost

With the current mobile OS landscape, getting away from ubiquitous overseas dependencies, constant tracking, and closed-source mandatory apps is, to me, much more direct-impact than protecting against this extremely remote chance of having an exploit, customised to my software stack, finding its way onto my device somehow. I'd much rather have the freedom to do with my hardware what I wish

Some people will prefer one thing, and other people another. Neither is a bad choice if it fits your goals and you know the risks of each one. So what I'm saying (and seem to be repeating over and over and over in any graphene fanboy thread) is that it's a choice, not a one-size-fits-all, and not a foregone conclusion (as GOS authors pretend it is, which this subthread started with)