The short answer is that there is no security on Android CouchDB.
CouchDB is itself an administrator user / password, you can ask the service to provide you with a database for which administrator credentials are provided to you, an administrator and a reader are installed in this database, therefore anonymous access is not allowed, and require_valid_user is not required.
However, all data is stored on external storage, which has no security, the front door is pretty well locked, but the window is wide open, if you have sensitive data, then you cannot use the couch, this is the same for most applications that should handle any significant amounts of data on Android.
It is worth noting that couchdb runs on localhost, so the data is sensitive only to someone who has access to your device, it does not allow people to choose it from Wi-Fi or such.
In the future, several changes may change, ios requires each application to have its own couchdb installation, and it is likely that the android will follow the same model, which means that each application will be provided with seagull server administrator credentials and can protect them data as they wish, after eliminating this problem, I will look for ways to move data from the SD card or protect data on the SD card.