Unsafe by design
Google clearly gives zero fucks about security in their shitty app-shop.
The fact alone, that they do everything they can to help scammers hide malware, is enough.
Try to find for example, a flash-light app, by searching only for those who requires zero unnecessary rights.
Yep, there is no way to easily separate a flash-light app that is only a flash-light app, from the 9999 ones that require your to allow it to edit your address-book or allow the programmer to enter your apartment at night and put their balls in your mouth, or similar 1000% flash-light unrelated shit.
Last time i checked, you had to actually begin the installation, to find out why you would get.
Then do that 1000 times to find the one spring-surprise, that doesn't pierce your cheek.
Or just bend over and click yes blindly to everything, to get on with your life, like you are supposed to.
Who the fuck designs a app-shop like that?
Halfwits or criminals, they have to be one or the other at Google.