Hi there, and welcome to the GrapheneOS community, I'm glad that you're getting on well with the OS so far. You are right to highlight that the camera and mic permissions, since they are particularly sensitive permissions. The GrapheneOS team prioritizes having a good way to handle those permissions.
It's not feasible to auto-disable the camera or microphone in the way that Bluetooth can be, because apps that abuse either of those permissions could just keep the camera or microphone enabled, and therefore they wouldn't time-out and auto-disable. As @[deleted] says, the best way to approach this is to grant apps one-time only access to those permissions. One-time access can be granted to apps for the location permission too.
Note also that if any app accesses the camera, mic or location, a green indicator dot is shown in the top right of the screen. You can then check in the privacy dashboard in Settings to see exactly which apps have been accessing those permissions and when. This way it's very transparent when and how apps are using those permissions.
Note that the GrapheneOS team plan to implement camera, mic and location scopes for apps that do abuse those permissions. This means the user would be able to send fake image, audio or GPS data to the app, whilst the app thinks it has the full permission.
Hope that helps to answer you question, let us know if there is anything else we can do.