d9780 Can an attacker remotly take over my phone with grapheme os installed?
The threat class you are inquiring about is "remote code execution" (RCE).
We all hope GrapheneOS doesn't have any RCEs, but honestly it might. It has some pretty good mitigation measures, but there are some really smart and well-resourced attackers out there.
Stay patched, don't install code from sketchy sources, avoid sketchy web sites. There is no single "silver bullet" thing you can do to magically protect yourself against all remote attacks, so GrapheneOS isn't a silver bullet. But your chances with GrapheneOS are better than with many other options.