We all know that there are some very talented people behind SerpentOS but still they are people. People make mistakes and sometimes omit things. That is how wit works unfortunately.
Is there any audit of the code being planned?
A fresh eye?
Some automated security testing?
I'm not an expert in these things but security is close to my heart as Linux is my daily driver also for banking.