Your title "Feds forking to penetrate" doesn't make sense.
Forking an open source project means taking a copy of our code and adding to it.
If anyone wants to do that, it's perfectly fine to do that, as long as the license is respected.
The reason why I think your concern doesn't make sense or why you misunderstood that statement is because you're asking how GrapheneOS "guards" against it. The question is, guards against what?
It sounds like you think that someone forking GrapheneOS and making their own version of it can somehow affect the code in the actual GrapheneOS project, which isn't the case.