What security concerns should one take into account for Android apps and data residing outside of Kali Nethunter. Would using Nethunter as a MITM AP or via USB possibly expose any data from the regular Android apps to the client being MITM'd?

There is an app called Wifi Protector that can detect ARP attacks on the network, even giving you the attacker's MAC address and iP address. it can be found here:
https://play.google.com/store/apps/details?id=com.gurkedev.wifiprotector&hl=en