Board: Hardware wallets
Topic: Re: Thoughts about Passport hardware wallet
Post by n0nce on 27/07/2022, 16:03:19 UTC
As wallet software, I use Bitcoin Core and Sparrow.
What Bitcoin and LN wallets are you using and recommending for smartphones?
As of right now, honestly nothing. I will look into something simple, without tons of bloat introduced by suspicious (read: Google et al.) frameworks that I can compile myself, in the future.

Maybe also just going to make my own. I don't need lots of fancy features; just creating a PSBT from a Bitcoin address, a selected UTXO, an amount and a fee can't be that hard, right? Not even any USB protocol is needed; just QR code generation, reading the signed QR from a camera image and sending it to an Electrum node. Honestly that would be one of the simplest software programs I've ever written, so I don't get why all these mobile apps overcomplicate it so much that they need to resort to frameworks (yeah, I'm not a fan of frameworks, especially if they might phone home...)

While we're waiting for n0nce's review, I'd like to complain about their packaging:
  • On their "unboxing video [part one]", I noticed only the outer box comes with a tamper-evident seal and the inner/main box is only bubble & shrink wrapped! I do know there's a way to check and verify if you've got the correct product, but this way of packaging still gives certain users a chance to figure out a non-detectable way to bypass such things in the future.
I'm not sure how I feel about 'tamper evident packaging'. It can give a false sense of security, especially since such stickers can be got anywhere very cheaply; I believe even fake Ledger devices come with tamper evident seals. So I wouldn't put too much trust in solely such stickers; on the other hand, they cost nothing so adding one more may give a little extra protection for barely any cost at all.

Edit: It uses Google Firebase. If I don't absolutely have to, I'd prefer to skip Envoy for now.
I guess that confirms I was wrong [they "didn't" alter the foundation letters' color into black], but while we're waiting for n0nce's review, I'd like to complain about their packaging:
  • On their "unboxing video [part one]", I noticed only the outer box comes with a tamper-evident seal and the inner/main box is only bubble & shrink wrapped! I do know there's a way to check and verify if you've got the correct product, but this way of packaging still gives certain users a chance to figure out a non-detectable way to bypass such things in the future.
Unfortunately some customs offices open the sealed package. Does the device come with or without firmware?
Passport v1 came with firmware and I'm sure that v2 comes like that, too. But you can always go in and immediately flash a fresh image from Foundation's webpage or GitHub when you receive it. Mind you, the device only installs firmware signed by Foundation, so it's going to be pretty hard (read: almost impossible) for someone to casually replace the firmware on your Passport at the customs office.
Realistically, the worst thing that can happen is that they open it, boot it, configure it, and write down (steal) your seed. However, you would notice, since after turning it on you wouldn't see the usual setup. In such a case you could trash it, or just format it and re-configure (getting a new seed).
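The watch-only step sketched in the post above (a PSBT built from a selected UTXO, an amount and a fee), as an added example that is not part of the original post or of any wallet's code. It assumes a single segwit (P2WPKH) input, takes scriptPubKeys instead of decoding addresses, sends change back to the spent script, and uses a 294-sat dust limit; all names and sample values are constructed for illustration.

```python
import base64
import struct

DUST_LIMIT = 294  # sats; assumed P2WPKH dust threshold, smaller change is added to the fee

def compact_size(n):
    """Bitcoin CompactSize integer (values up to 32 bits are enough here)."""
    if n < 0xfd:
        return bytes([n])
    if n <= 0xffff:
        return b"\xfd" + struct.pack("<H", n)
    return b"\xfe" + struct.pack("<I", n)

def tx_out(amount_sat, script):
    """Serialized transaction output: 8-byte amount, then length-prefixed script."""
    return struct.pack("<q", amount_sat) + compact_size(len(script)) + script

def key_value(key, value):
    return compact_size(len(key)) + key + compact_size(len(value)) + value

def build_psbt(utxo, dest_script, amount_sat, fee_sat):
    """Return (base64 PSBT, effective fee) spending one segwit UTXO."""
    change = utxo["amount"] - amount_sat - fee_sat
    if amount_sat < DUST_LIMIT or fee_sat < 0 or change < 0:
        raise ValueError("amount below dust, negative fee, or UTXO too small")
    outputs = [tx_out(amount_sat, dest_script)]
    if change >= DUST_LIMIT:
        outputs.append(tx_out(change, utxo["script"]))  # change returns to the spent script
    else:
        fee_sat += change  # dust change is not worth an output; it becomes fee
    unsigned_tx = (
        struct.pack("<i", 2) + compact_size(1)  # version 2, one input
        + bytes.fromhex(utxo["txid"])[::-1] + struct.pack("<I", utxo["vout"])
        + compact_size(0)  # empty scriptSig: the signer fills in the witness
        + struct.pack("<I", 0xFFFFFFFD)  # sequence signalling replace-by-fee
        + compact_size(len(outputs)) + b"".join(outputs)
        + struct.pack("<I", 0)  # locktime
    )
    psbt = b"psbt\xff" + key_value(b"\x00", unsigned_tx) + b"\x00"  # global map
    # PSBT_IN_WITNESS_UTXO lets the signer check the input amount, and thus the fee
    psbt += key_value(b"\x01", tx_out(utxo["amount"], utxo["script"])) + b"\x00"
    psbt += b"\x00" * len(outputs)  # one empty map per output
    return base64.b64encode(psbt).decode(), fee_sat

# Constructed sample data, not a real transaction
SAMPLE_UTXO = {"txid": "11" * 32, "vout": 1, "amount": 100_000,
               "script": bytes.fromhex("0014" + "aa" * 20)}
SAMPLE_DEST = bytes.fromhex("0014" + "bb" * 20)
```

The returned fee is the one the hardware wallet should display before signing; if the two differ, the PSBT was altered or built from a wrong UTXO amount.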