But how can you be sure that the app you're going to install is the same as, or has a full copy of, the code that is publicly available for viewing on GitHub, since you're going to install the app from the App Store or Play Store?
If you install something directly from the Apple App Store or Google Play Store, then you are right - you have absolutely no way of verifying what you are installing. This is the wrong way to install things, though.
The better option is to download the app directly from the developer, verify its signatures or hashes, and then transfer the .apk file to your phone to be installed.
The best option is to download the source code, build the binaries yourself, and then use them to install the wallet on your phone.
There is also this thing called deterministic or reproducible builds, which only a handful of wallets like Bitcoin Core and Electrum support. With these, anybody who builds the same source code following the same steps will always end up with the same binaries. This is useful for those who can't build the binaries from source themselves, and it gives the additional security assurance that the source code was not modified when building the software.
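
An added example, not part of the original post and not any wallet project's own tooling: for the reproducible-build check described above, a self-built .apk and the published one normally carry different signatures, so their whole-file hashes differ even when the code is identical. This Python code compares the archive entries by SHA-256 and skips the signing files; the META-INF file names it skips and the sample archives are assumptions constructed for illustration.

```python
import hashlib
import io
import re
import zipfile

# Assumption: JAR-style signing files live under META-INF/ with these names.
SIGNING_FILE = re.compile(r"^META-INF/(MANIFEST\.MF|[^/]+\.(SF|RSA|DSA|EC))$", re.I)


def entry_digests(apk):
    """Map each non-signature entry name to the SHA-256 of its uncompressed bytes."""
    digests = {}
    with zipfile.ZipFile(apk) as zf:
        for info in zf.infolist():
            if info.is_dir() or SIGNING_FILE.match(info.filename):
                continue
            digests[info.filename] = hashlib.sha256(zf.read(info)).hexdigest()
    return digests


def compare_builds(official, local):
    """Return sorted entry names that are missing from one side or differ in content."""
    a, b = entry_digests(official), entry_digests(local)
    return sorted(name for name in a.keys() | b.keys() if a.get(name) != b.get(name))


def make_apk(entries):
    """Build a constructed, in-memory stand-in for an .apk (a zip archive)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    buf.seek(0)
    return buf


# Constructed sample data: same code with different signers, then a modified classes.dex.
CODE = {"AndroidManifest.xml": b"<manifest/>", "classes.dex": b"dex\n035\x00wallet"}
OFFICIAL = {**CODE, "META-INF/CERT.RSA": b"developer-signature", "META-INF/CERT.SF": b"sf-1"}
LOCAL = {**CODE, "META-INF/CERT.RSA": b"my-own-signature", "META-INF/CERT.SF": b"sf-2"}
TAMPERED = {**OFFICIAL, "classes.dex": b"dex\n035\x00wallet+extra"}

if __name__ == "__main__":
    print(compare_builds(make_apk(OFFICIAL), make_apk(LOCAL)))  # []
    print(compare_builds(make_apk(TAMPERED), make_apk(LOCAL)))  # ['classes.dex']
```

An empty list means every non-signature entry matches; any name returned is a file to inspect before trusting the published binary.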