Installing /e/OS on Pixel 3a XL

Yes, it is encrypted, good.

So, if I understand correctly, please correct me if I’m wrong, now that my bootloader is unlocked, and given my phone is unattended, anyone can plug a USB into it and install any kind of softrware they want without me knowing it? If that’s true, this is a bit scary. As said in the excellent article @aibd sent, the risk looks relatively low but still, it’s a drawback I was not aware of before installing /e/OS. To me it sounds like, with /e/OS now installed, my data is more secure as there’s no leak to Google servers or whatsoever like it happens with the regular stock Android, but, on the other hand, my device is now physically more vulnerable to other kind of attacks, like evil maid attacks as mentioned in the article.

Am I right?

Thanks a lot,