I use the automatic backup feature by selecting the remote_crypt folder on RSAF. I don’t work with a lot of PDF files, but when I do, I just manually move them to the remote folder. I tend to keep my phone storage clean, and once the files are moved to the remote folder, I also back them up to SDD. If you have the need to view your PDF’s from your remote storage, I’d recommend S3Drive app as you can see the image previews, save files offline, and share. However, it is closed source. The author of S3Drive also contributes to the rclone project and active on Discord for any questions you may have.
As far gaining access to my phone, this isn’t in my threat model but the author of RSAF mention this (GitHub - chenxiaolong/RSAF: An Android Storage Access Framework document provider for rclone), “In order to keep credentials secure, the internal config file is encrypted with a password that’s wrapped by a hardware key. Even with root access, it is impossible to back up hardware keys. Thus, when restoring RSAF’s app data using these root-based backup tools, RSAF will not be able to decrypt its config file. Instead, use the builtin config import/export feature.”