The above comment is spot on. Don’t Comingle your seed and device locations
Discussion
how do i derive new seeds from the existing ones securely?
Start with a wallet (seed securing device or software) which supports BIP0085 (https://github.com/bitcoin/bips/blob/master/bip-0085.mediawiki).
Use that support. Optionally you can add use of "pass phrases" or other strings which can be mixed into the seeds encoded in BIP0039 recovery mnemonics by and for some applications.
For instance, the seed I used to generate my alternative nsec for NOSTR (my @iris account) adds "nostr" to the key I derived for such purposes. I plan to used other post-derivation key strings for WireGuard, Signify, and age/rage encryption.