I mostly have FOSS app installed on my phone, obtained through the Play Store. However, for some tasks, like banking, IME or even games, I need to install proprietary apps. My threat mode is to protect my personal data stored on the phone from passive attacks and my online habits from mass surveillance/surveillance capitalism.
Now, having read FLOSS security and the GrapheneOS FAQ, I assume that—security-wise—the risks involved in installing proprietary apps from the Play Store are minimal.
Privacy-wise, my understanding is that apps cannot access user data by default and have not access to other apps. What about network access? If I grant my proprietary banking app—which includes trackers as does their website—network permission for instance, can my network usage of the phone—outside the direct usage of this app—leak?