alt Hacker NewsGood point and thanks for the heads up.
Mostly asking it as a question, given that graphene runs Google play services (optionally) as a normal, sandboxed service with no special permissions might help a bit, but I guess unless you disable networking for every other service installed, this is sort of impossible to plug 100%? IPC can be quite the security hole.
Only if the other services provide a network proxy right? You'd need to find an exploit in the app otherwise.
Edit: although, I just remembered that it's actually as simple as sending "open this URL" intents to the Android equivalent of sensible-browser, which everyone will have installed. That does rely on users not understanding or caring about what's happening or it only works for the first user