I've been considering a similar setup recently. Before tackling your question, let me point out what bothers me about it. This is explained at great length here. In short- when Pass calls GPG, it performs unnecessary asymmetric (RSA/EC) crypto under the hood. Unnecessary- because there is no untrusted party here.
This is annoying because asymmetric crypto is less future-proof than symmetric crypto. E.g., asymmetric crypto of today is broken by sufficiently large quantum computers, that do not exist, yet. More generally, asymmetric crypto relies of "math problems" we do not know how to solve, much more so than symmetric crypto.
To mitigate this weakness, the least you could do is to keep your GPG public key used with Pass private as well, because for instance the (potential) quantum attack needs this public key: see here.
On to your actual question, it is unclear whether you intend to store the git repo (with the passwords) publicly or privately. If you want to keep it private, you can pretty much do what you want, and reduce the security of the GPG private key to that of the medium where you back up the repo. However, that might become a chicken and egg problem: if the repo is private, how do you get it back in case of a crash? In other words, in case of a "bad crash", there must be something you retrieve first. So you might want to keep the git repo private, but backup the GPG key in such a way that you can retrieve first, independently of anything else.
Offline back up solutions are numerous, lawyers, basements, etc. see here. But basements aren't for everyone, so let me suggest an online solution:
Create a super strong passphrase that is not meant to be typed for years. Suggestion: Long, memorable misspelling of a phrase that has some personal significance, or from a book that won't run out of copies if you need to look it up.
Create a tarball with your exported GPG secret key, and maybe your SSH credentials.
Encrypt it symmetrically with your passphrase: gpg --symmetric --armor
.
Create a free git hosting account.
Create a public repository, that can be cloned without credentials.
Put the encrypted&armored tar ball in there.
To retrieve it after a "bad crash":
Boot a live USB stick.
Clone public repo.
gpg --decrypt
.
The symmetric passphrase will be your main protection against the zombies. People sometimes do not give you, or the anonymous reader, the benefit of the doubt when it comes to choosing passphrases. But with a good passphrase, symmetric crypto should be solid.
When you export your GPG private key, it will be encrypted with a passphrase of its own. Recent versions of GPG won't allow an unencrypted export. You might use your "regular" GPG passphrase here. Just remember that in the event of a crash, you will need both passphrases to get to your GPG private key.