How is GrapheneOS tested before releases?

keycap_puller

Do you use different malware samples, known bypass methods (such as Download Manager), network traffic analysis, SDR attacks, a checklist to verify that all hardening settings (e.g. sysctl) are in place?