Google doesn’t just have the capability to modify .apk files uploaded to it’s Google Play signing program- they already are.
Granted, this is at the moment a minor change and certainly a non-malicious one; but it remains an actual change of your .apk. They add
<meta-data
android:name="com.android.vending.derived.apk.id"
android:value="1" />
to the AndroidManifest.xml
Below is a comparison that I made in 2018 while researching this topic. It has the apk before upload (signed with upload key), and the apk as downloaded from Google Play with Google play signing enabled.
As you can see from this graphic; there’s only two changes- the old signing (upload key) was removed, and replaced with Google signing. And also the AndroidManifest.xml was slightly appended (with the meta-data mentioned above)
I’ll also point out this Google IO video from 2017 where they’re introducing Google Play signing: https://www.youtube.com/watch?v=5tdGAP927dk&feature=youtu.be. From 11:25 in they’re talking about something called “App signing + optimizations”. The idea was that they could optimize apks for you, and generate sub-apks.
This was something that you could enable on a per-apk basis within Google Play. Today of course, you’ll find no mention of any of this in any documentation, other than in this video- That’s because they later came up with app bundles and essentially moved all this work into that. So, this is mostly relevant because the question was “What Stops Google From Modifying Our APKs That It Signs Via the App Signing Service?”, and this shows that even specifically for .apk files they can; they intended to; and they were.
As others have pointed out; whoever has the signing keys and access to the Google Play account for the given app- can upload any .apk or .aab containing anything; as long as the packageName remains the same, and versionCode is incremented by one. The same applies of course to Google when Google Play signing is enabled. If they wanted, they could change, remove or add to any and all parts of the application.
It’s worth keeping in mind that while yes; Google could modify everything and anything within the Google Play signed .apk file(s), those modifications aren’t necessarily evil or with a bad intent. Whether for optimization purposes, compatibility or hot-fixing; there are plenty of reasons Google could or would modify the uploaded apk and justify those modifications. And they wouldn’t necessarily warn the developers about this; nor would developers necessarily react to a discovery of this with an outcry.
I do believe that we’re very unlikely to see Google perform purposely malicious content changes to uploaded apps, mostly for business, reputation and ethical risks outlined well in the other answers here already. I just can’t picture this being a valuable attack vector for Google that outweighs the rather heavy cost-risk, and considering the other, often stronger vectors available to them.
Lastly, I’ll mention integrity checks as one way this would be discovered. There are several solutions in this space that goes further than signature checks to verify the integrity of the app. Whether app developers roll their own, or use an off-the-shelves solution- these checks typically run during runtime on device to verify the integrity of the apk; comparing against records taken during compile-time or near compile-time. Modifications performed to the apk during transit does get picked up by this, including whatever change Google Play might do.
Disclaimer: I work for a app-security company that performs such integrity checks (any many other checks and verifications) on the apps that we protect. We’ve had to map out and account for all changes Google Play might do to an app both for regular apk files and app bundles- so we can distinguish between Google Play doing optimizations and a malicious actor repackaging the app.