9025 How likely is it that someone like the NSA could force Google to modify apps before they are beeing served by the Playstore (and therefore also Aurora Store)?
Modify which apps, to do what? Lots of users willingly install apps from the Play Store that track them in all sorts of ways (some are malware, but others disclose various tracking or abuse of data in ToS documents that nobody reads). Lots of users willingly use the cellular network, which by law includes accurate location tracking (e.g., to provide tight location estimates for emergency calls).
In a vague general sense it is certainly possible that one or another national government might force anybody subject to their jurisdiction to do anything. My understanding is that on paper the UK has a law which could be complied with only by banning all end-to-end encryption, which the government has agreed to not enforce ("UK government concedes on Online Safety Bill’s controversial spy clause, companies optimistic"). But that doesn't mean companies will willingly comply if they think it would bad for business.
9025 And is there any way to mitigate that risk?
Various measures are possible depending on one's threat model and resources:
- Run only those apps which one personally builds from source, after reviewing the source.
- Run only those apps which one personally builds from source, based on reputation.
- Run only a few apps from the Play Store, only after disassembling/decompiling them and reviewing them.
- Run Play Store apps only on airgapped devices.
- ...
Overall, there is not a simple method that will make it possible to freely download and run apps written by random people without risk. Also, there is not a technique that will convert privacy-invasive apps into privacy-respecting apps.
Running fewer apps is probably better; running apps from authors with longer and better reputations is probably better; running open-source apps is arguably better; reading (and retaining) ToS / privacy-policy documents might help. If one is willing to restrict one's attention to a small number of apps, that makes it possible to spend more energy investigating any individual app.