>If the permissions included "can star repos", instead of just "can read/write repos", then sure.
There could be perfectly legitimate reasons for a "can star repos" permission as well, with no way for a user to know beforehand if it's going to be abused or not. How about a site wanting to ask a user something like "Hey, you've been using this service for a week now. If you want to support us on Github by starring our repository, click here." for example?
There could be perfectly legitimate reasons for a "can star repos" permission as well, with no way for a user to know beforehand if it's going to be abused or not. How about a site wanting to ask a user something like "Hey, you've been using this service for a week now. If you want to support us on Github by starring our repository, click here." for example?