I built a new GitHub App recently called ReviewNB (GH App). I sent it to a few early users and one of the strong feedback point is - GitHub auth message is not very clear in communicating what access is being given.
The top part in this screenshot (Your Account, Resource, Action) makes it sound like the App will have permission to Determine what resources both you and app XYZ can have. That sounds like app is acting as a super user on my account. Whereas in fact, the app has no access until user later installs it on some repos. This is confusing to many users, especially for someone who haven’t used any GitHub App before.
Compare this to Github classroom auth screen. It is much more concise and apt. Why not use something similar for Github Apps? If not that, at least something that doesn’t make users feel like this app is going to be the root of my account and control all resource and actions .