I'm gonna deviate a little, and not talk about a purely security perspective as you wanted, but I'm gonna say that you have to identify you threat model and — maybe more importantly in this case — the use case. If you do not put absolutely anything of value on that phone, like not even an account like Spotify, and use it only for offline o anonymous services (like AntennaPod for podcasts, for example), that carry little to no personally linkable information, maybe you are more interested in privacy, and I'm gonna say that you should install a more privacy-respecting OS like Lineage (or better sill DivestOS, based on Lineage, but sadly there is no build for the S10; if you know how to implement the propiertary blob, you could compile it for yourself).
Samsung is one of the worst companies in terms of privacy, as they record and store every tap, movement or request you make on you phone, including your voice, your location, your clipboard, your IP, etc.; literally everything (it's written in their EULA and their privacy policy, I'm not making up anything).
So if you use it just like an iPod on steroids, maybe sacrificing some security for better privacy is worth it. But I should stress again that you think carefully about your use case, your threat model, and make sure not to put any remotely exploitable information about you, your life, or the life of the people you know (family and friends) on that thing. I do agree with the official GrapheneOS reply here — and frabkly no one could disagree, as they are the only true experts here —, so try to not use end-of-life device and, if you have the means, I suggest you invest a little to gain so much in terms of usability, security and freedom.