I got a security allert from Google stating that I should perform a security check.
The check stated that Akonadi Resources for Google Services is vulnerable and so does not have high enough security features.
The recommendation is to switch off access. Recently access in KMail to my GMail account had some issues. It was recommended to use PLAIN access.

I there a way to improve security?

Interesting. We use the native OAuth authentication method which Google considers the most secure as far as I know.

One reason they might not consider us secure enough is that, given the nature of open-source, we are unable to hide our API keys so, in theory, anyone could just copy our API keys into their malicious software and pretend to be "Akonadi Resources for Google Services" so that users would grant access to them. There's nothing we can do about that, unfortunately.