I would expect and hope they scrutinize the apps for code and behaviors that go against their developer rules and guidelines. Any app programmers out there that know differently please chime in.
No, you're exactly right Mike. The exact process Apple uses to evaluate and approve apps is a trade secret, but it definitely involves both introspection (looking into the app to see what frameworks and methods are called) and code-coverage (running the app in a special, internal version of iOS and watching its behavior while also verifying that all the code is being exercised). They also have network sniffers which watch what the app communicates out to the net while it's running.
All that is during approval though, and not during the time customers are using the app. Therefore, it is possible (although difficult) for the occasional rogue app to do things with end users that it didn't do for Apple's testers. That has happened occasionally (but rarely), and Apple has immediately squashed the app and punished its developers when such behavior is discovered. Plus, there is the ever-looming threat of severe legal action by Apple against any developers who stray from their strict agreements, so there's a nice deterrent effect protecting Apple users, as well.
Let me add, even rogue apps do not have very much bad behavior they can accomplish. All the frameworks in iOS are pretty well locked down, and every app is effectively sandboxed in its own little protected workspace, so it can't really go out and create mayhem for other apps or for the OS, the way virus and Trojan horse malware often does with desktop operating systems.
That's the plus of the App Store monopoly: Apple uses it to improve everyone's experience using their products, and so there have been significantly fewer bad actors in the iOS ecosystem.
--
Stephen
BTW Mike: nice idea for an app. I look forward to using it!