The way I understand is as follows:

There is no way to determine (all) other public keys of a deterministic wallet from knowing a number of public keys belonging to it. You need the so called "master public key" (MPK) to do so (also known as wallet without a seed). If this becomes known and the rest of the assumption holds true then only ECDSA needs to be cracked, right.

However if the MPK and just ONE private key is leaked the other private keys can be derived.

So spending in electrum is no risk for the deterministic wallet. Leaking the MPK can become a problem - for your privacy and because only one private key is needed to break the rest.

TL;DR: using electrum to spend is no security risk for the vectors mentioned by the OP