Google Pixel is unfortunate the only available hardware that allows third party operating systems to be locked in the bootloader. This means that an attacker with physical access to a turned-off phone cannot just change the operating system.
However, here is the list of required hardware features for full Graphene os support, I'm looking forward to some plebs creating better hardware, but it probably won't be as refined and cheap as google...
https://grapheneos.org/faq#future-devices
And yes, there have been numerous security audits by third parties, with bugs reported and merged to Graphene os. Further, Graphene devs have reported, patched and shipped fixes to upstream dependencies which were merged, so in a sense the upstream maintainers have audited that code.
https://grapheneos.org/faq#audit
In general, I can recommend reading the Graphene os website, there's a lot of interesting info.