[deleted] I am wondering what are the possible threats/attack secnarios when installing GrapheneOS by phone.
If you trust Google's bootloader to correctly display the fingerprint of the OS signing hash, if the install results in the correct fingerprint being displayed (and no red "corrupt" warning) then the correct OS has been installed with a very high degree of certainty, no matter which device did the installing.
[deleted] Would everything go alright when I use GrapheneOS phone to install the OS on another pixel?
Probably! The installing device must have enough free RAM and enough free storage and a correct configuration of a supported broswer, the cable must be really good, etc., but it should work -- see the instructions.
Overall, if the official installation instructions suggest installing in some fashion, it is believed that doing an installation in that fashion will result in a working system with verified integrity.