That is my worry. The public link is the secondary place where my apps can get stolen. Before any of this, links were private and only I could download from them. If I sign out, I won’t be able to download from the link until I sign back in again, but I want to keep my apps private. Kodular has let me down and now I am using MIT App Inventor and some other AI2 Based platforms to build hard-worked apps. It is a shame that I also have to depend on a lot of extensions especially if Kodular already has tons of components. As of now, Kodular is the only app builder based on App Inventor having this privacy issue. Kodular had lots of security improvements in 1.4D.1 Eagle which is the current version as of now but I don’t call this public link stuff a security improvement. It is a privacy issue.
Also, who keeps answering yes that they want their apps stolen on my poll? I deleted all the spam responses.
There is no reason for someone try to get your APK, because is nearly impossible in 2 hours and if they get they have noting to do with it.
2 hours is a very long time. That lasts as long as a 2 hour movie!
Yeah, but a movie dont have 1billion combinations 
I may put sensitive or personal content in my apps so that is a huge privacy issue.
Man, if you have internet in your phone or PC, you can get hacked easily, so i think kodular link is not a problem
So I’m seeing a lot of “I don’t want my assets to be stolen!” Here are a few answers to some questions…
Can my assets be stolen?
Yes, from decompiling the APK… But this can even happen as your distribute the APK publicly. Plus you shouldn’t upload assets that are private to you.
Can someone guess my URL?
Stated by Conor, no. There are millions to guess, assuming there aren’t millions of links being used at once… This would take time. PLUS, I have tested, and Kodular APKs cannot be accessed from other URLs, so it would have to be entered manually. Therefore it would take time.
Is there a solution?
This depends on the language, if it were NodeJS I would say yes, but App Inventor is written in Java so Im not too sure. Although, they can dowload the APK immediately and then delete the APK or following a visit to the link, delete the APK afterwards, which would make the link invalid.
Now, the topic has a solution and I would like conversation to stop here. Please and thank you!
Previously Kodular links were private like this in my browser’s download history
https://www.creator.kodular.io/ode/download/project-output/1234567890/Android
Now they are like this
https://www.kodular.app/abc-xyz
NOTE: Both links are just examples. They do not exist or do anything when clicked on.
Also, I work at a business and they need me to build apps because I have the skills they don’t. I will get fired if I do not build the apps for them.
I’m gonna take a leap on this one, no offense… If you have skills that no one else has, why are you not using something like Android Studio instead? Anyone can drag and drop blocks.
I mean the UI Design, extensions, etc. Also, I have no Android Studio Knowledge so I rely on MIT Ai2 based platforms such as Kodular. Also, it will not take years to build my apps as well because when using App Inventor, I can finish apps in a few months, days, or even a day.
So you don’t need to worry.
unless you work for the government
I do not work for the government! Enough of this! Just help me and give me any solution.
To anyone reading this, do you like this public link creation feature or not?
Are you sure about that? All AI2 distributions have the same way of providing download links for compiled APKs.
App Inventor has links of this format: http://ai2.appinventor.mit.edu/b/abcd
They do not happen after building the APK Files after clicking the save apk to my computer button under the export dropdown/button.
I’m afraid you won’t have that niche feature for much longer:
It only happens in Kodular. Also, I found you have answered my Google Form and said yes. Why?
For now, yes. However, it doesn’t pose any security risk to you. If you absolutely must, requiring authentication in-app is always the way to go to prevent unauthorized redistribution. However, your assets will always be accessible from the APK itself, irrespective of your distribution channel.