The api should not be insecure and able to be abused (and it largely is very secure today). Sure they might be able to violate some ToS items like embedding their own payment processor but they won't compromise the security of the phone like they could on a desktop OS.
Ok, agree partially. I mostly meant privacy rather than security. What i wanted to say: iOS is nowadays famed for siding with the user (gateway process to weed out bad/malicious apps), restricting tracking and giving the user more control over what data is shared and so on. 3rd party stores would change that. Security could also be impaired by 3rd party stores neglecting to police malicious apps (eg. compare to some android 3rd party stores that often host pirated apps piggybacking malicious code). Likewise, apps on iOS 3rd party appstores might act maliciously (copying your credentials during auth in an embedded browser etc)
I also dont like what Apple did to Tumblr when they had to change their content policy and how BigTech generally projects US values onto the world (eg. nudity).
PS: I trust Android's F-Droid store more than the PlayStore due to its strong gateway process (anti tracking, pro privacy, FOSS only).
Alternate app stores would jeopardize its famed security