If you want your guard node to be helpful in anonymizing your traffic, you should really make sure it's public and used by some % of the global user base (so that your traffic blends in the noise).
Once you do that though, you will always have to trust that node a little less than you could if it was walled-off so it would only serve you, just because it is another machine serving connections on the internet that will likely be targeted by adversaries who would benefit from turning many of the guard nodes into part of their Tor de-anonymization service.
If I had endless resources and was truly paranoid, what I'd do is build my set of public guard nodes, make sure they're serving Tor traffic, etc.
But then, I'd "borrow" those IPs occasionally for trusted nodes which will only accept connections from me (ideally both sets of machines will be live and routing traffic simultaneously).
In theory, you could apply the same tricks with similar success to exit nodes of course (though as usual, running an exit node is generally a slightly riskier / harder thing to do).
Which relays are guard relays is public knowledge (by necessity, it's how clients know which hops to select). If you operate a middle relay, and you see traffic coming from a relay not known to be a guard, you know it's from a non-standard Tor config, since you should only see circuits being built through guards (ignoring onion service traffic, which is small enough that we can do so in the limit). If you mean "get your relay listed as a guard, but don't accept traffic from anyone else", 1. you're going to lose your guard flag pretty quickly trying that, and 2. you ultimately have the same problem, since the adversarial middle will see that this guard is relaying suspiciously little traffic (relays only get flagged by auths as guards if they can handle above a certain amount of traffic, since they are designed to change infrequently, so a bad one will give you a bad Tor experience for a long time).
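The point made in the reply above, as an added example that is not part of the original thread: because the Guard flag is published in the consensus, a client can check whether the entry relays it has pinned would stand out to a middle relay. The consensus excerpt, fingerprints and function names are constructed for illustration; the line layout follows the `r`/`s` entries of a network-status consensus.

```python
import base64

# Constructed fingerprints (hex) and consensus excerpt; every value is made up.
FP_PUBLIC, FP_PRIVATE, FP_UNLISTED = "AA" * 20, "BB" * 20, "CC" * 20

def fp_to_b64(fp_hex):
    """Consensus 'r' lines carry the identity as unpadded base64."""
    return base64.b64encode(bytes.fromhex(fp_hex)).decode().rstrip("=")

# Layout: "r nickname identity digest date time IP ORPort DirPort", then "s flags".
SAMPLE_CONSENSUS = "\n".join([
    f"r publicguard {fp_to_b64(FP_PUBLIC)} {'A' * 27} 2024-01-01 00:00:00 192.0.2.10 9001 0",
    "s Fast Guard Running Stable V2Dir Valid",
    "w Bandwidth=20000",
    f"r privaterelay {fp_to_b64(FP_PRIVATE)} {'A' * 27} 2024-01-01 00:00:00 192.0.2.20 9001 0",
    "s Running Valid",
    "w Bandwidth=40",
])

def parse_flags(consensus_text):
    """Map each relay fingerprint (upper-case hex) to its set of flags."""
    flags, current = {}, None
    for line in consensus_text.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[0] == "r":
            ident = parts[2]
            raw = base64.b64decode(ident + "=" * (-len(ident) % 4))
            current = raw.hex().upper()
            flags[current] = set()
        elif parts and parts[0] == "s" and current is not None:
            flags[current] = set(parts[1:])
    return flags

def audit_entry_nodes(entry_fps, consensus_text):
    """Classify each pinned entry relay by how it appears in the consensus."""
    flags = parse_flags(consensus_text)
    report = {}
    for fp in entry_fps:
        key = fp.lstrip("$").upper()  # accept "$FINGERPRINT" and lower-case hex
        if key not in flags:
            report[key] = "not in consensus"
        elif "Guard" in flags[key]:
            report[key] = "guard"
        else:
            report[key] = "listed without Guard flag"
    return report

if __name__ == "__main__":
    pinned = ["$" + FP_PUBLIC, FP_PRIVATE.lower(), FP_UNLISTED]
    for fp, status in audit_entry_nodes(pinned, SAMPLE_CONSENSUS).items():
        print(fp, status)
```

Any pinned relay reported as anything other than `guard` is one that a middle relay would not expect to see as a previous hop.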