By the same token, a company that publishes its schematics with a free/open license, releases x-rays of its products, offers anti-interdiction services, and installs 100% free software attracts people who are going to scrutinize every aspect of the phone and are far more likely to detect and publicize any security holes or tampering.
People who care about security and privacy are likely to buy the phone and check for any flaws. They are likely to make their own x-rays and compare them with the published x-rays to see whether any of the hardware has been changed. They are likely to look at the schematics and verify what is the purpose of every component on the phone. They are likely to reinstall everything from scratch from sources with checksums to verify that nobody has inserted any spyware on the phone. They are likely to look for any flaws or tampering and publicize any flaws that they find, so all that extra attention is actually a good thing from a security perspective.
If you are going to attack a phone, would you chose the one where it is easy to detect tampering and you know people are scrutinizing it for security holes? When there are millions of clueless people using Android and iOS phones and it is very hard to detect tampering and security holes with those phones, there are much better and easier targets for hacking than the Librem 5.