sappy_junior728 I know both of these phones are no longer supported by GOS. It no longer has the latest security updates. However, can I still securely use it as a hotspot?
Not really. Once Google stops patching bugs in firmware, it appears that they also stop tracking bugs. Meanwhile, automated vulnerability analysis tools keep getting better over time (especially now with LLMs). Vulnerabilities in cellular-modem firmware, Bluetooth firmware, and Wi-Fi firmware can potentially be exploited from far away with beam antennas. Aside from radio firmware, there are known vulnerabilities in GPU firmware and drivers, the user-space Bluetooth stack, etc. The result is that old devices probably have exploitable vulnerabilities that are known to bad actors but not tracked and publicized.
sappy_junior728 I can't seem to find any guides on how to flash these two phones to GrapheneOS.
The GrapheneOS project is focused on security and privacy, and thus is not "in the business" of encouraging people to install old known-insecure versions of GrapheneOS on known-insecure hardware.
Other Android variants are more focused on device longevity at the expense of strong security. Perhaps LineageOS might run on those devices, for example. But it's important to understand that at present there is no secure software setup for those devices.
Please note that I do not speak for the GrapheneOS project.
Edit: if one of these devices contains absolutely no confidential information (including not knowing any network passwords), is not connected to any networks, and is physically secure, it could be used as a clock or standalone music player without obvious risk.