illuminatti
Here is another thread regarding Shell and other System apps: https://discuss.grapheneos.org/d/11050-system-apps-pixel-firmware-network-connections/12
Carlos-Anso Looking at system app permissions is not actually very useful and easily causes confusion. While some parts of the OS are system apps where you can view their permissions other parts are not - like the parts that create and enforce this permission model. It is pretty much an inherent property of any operating system that it has to have access to any data it handles and any network connections that it makes.
The GrapheneOS team have been discussing how we should deal with system apps and their permissions as it is a regular cause of confusion. Especially when people start denying permissions from system apps and later find some seemingly unconnected functionality on their device is broken. Its common for users to blame any breakage on OS updates, rather than considering that their own actions may have caused it. Over the years we have spent a lot of time diagnosing issues that have turned out to be caused by things like this.
The fact that it it is open source, and in widespread global use, means that there are very many eyes upon the Android Open Source Project (AOSP). It is used as the base for far more devices than any other equivalent operating system code. The hugely diverse range of actors that somehow use the AOSP codebase acts to provide a collective guarantee that it behaves as expected.
We can not make 100% guarantees against every possible imagined security or privacy weakness. That is currently something of an unsolved problem and not really possible for any device, especially something as complex as a modern smart phone or personal computer. There is however a reason that GrapheneOS was built upon AOSP. It offers an unrivaled base when considering usability, security and privacy properties.