Don't use your fingerprint to unlock your device.
This might be true for some threat models, but honestly, a secondary lock method relying on biometrics is great to avoid shoulder surfing attacks. This means you don't have to risk exposing your primary lock method (a PIN for instance) in public. Something like IR face recognition (à la FaceID) would probably be better than relying on fingerprint as the software can detect if you're awake/alive, and is generally less prone to false positives (but at the cost of potentially being a less convenient solution particularly in the current times for obvious reasons).
GrapheneOS limits biometric authentication attempts compared to stock OS (to 5 attempts if I recall correctly). Furthermore, you can reboot your phone in situations where you feel you might be compelled to unlock your phone that way. Lockdown mode also helps, but rebooting is better as it puts all data back at rest. Or you can just intentionally fail the biometric authentication 5 times.
On another note, GrapheneOS also provides PIN scrambling to make the PIN lock method more resiliant to shoulder surfing (in several ways: finger oil on the screen, camera angles, etc.).