OnePlus has been caught smuggling out user data without user consent. They don't provide any of the security / privacy features that GrapheneOS comes with, and also comes with a lot of bloat and spyware baked into the system. It is also a Chinese company that has ties to the CCP. My previous phone before my current Pixel 7 was a OnePlus phone, but after actually having my hands on GrapheneOS and seeing what it can do and how much more secure and private it is compared to literally every other android distribution has made me decide that I don't think I will ever be back. To say that it would compromise my privacy and security is an understatement. Because they are also a third party developer and not the main development company behind Android, (Google) it is also increasing the attack surface with its extra modifications to stock Android and also by adding extra hands onto the code. I would not recommend a OnePlus phone, especially on the stock ROM.
[deleted] To date, the system is safe (definitely not like graphene) but maybe better than google stock? or not?
I would consider the Google stock ROM to still be way more secure than any OnePlus phone due to the hardware security provided by Google in their tensor line of chips. They have also done a lot more to provide security compared to a stock OnePlus phone. I also believe that the Google phones are (ironically) more private than OnePlus phones, as they don't rely on companies that have ties to the CCP and also have way fewer companies meddling with the final end product, along with way less third party bloat apps.
TL;DR: OnePlus phones should not be considered for anyone even slightly worried about privacy and security due to a multitude of reasons. They are also significantly less secure than Google's stock Pixel phones.