Android dex file (SDK 39 Android)

Hi All,

our security team has conducted some tests on your android apk, and have the following questions.
{
“file” : “classes2.dex”,
“offset”: 6762466,
“contains”: “https://expo.io/"@c**********"
}

  1. What is the impact if someone gets these hard coded credentials? What can they do in expo.io?
  2. Could we remove these hard coded credentials?

Sorry I’m not a fully fledged mobile dev. so don’t quite know what this file is meant for.

Many thanks in advance.