I think we need an app to automate the process of verifying code signatures. Esp APK files.
Something like, copy paste developers signing keys into the app, then app should check each installed apps signing keys against them and show the list of apps that passed or failed.
App should also allow to check downloaded files.