| App | Confidentiality | Integrity | Availability | Permissions |
|---|---|---|---|---|
| SourceTreeForMac | TRUE | TRUE | TRUE | admin:gpg_key admin:org admin:org_hook admin:public_key admin:repo_hook gist repo user |
| AppVeyor CI | TRUE | TRUE | repo | |
| Coveralls Pro | TRUE | TRUE | read:org repo user:email | |
| Github for Atom | TRUE | TRUE | read:org repo | |
| Docker Hub Registry | TRUE | TRUE | repo | |
| Circle CI | TRUE | TRUE | user:email repo | |
| Codetree | TRUE | TRUE | user:email write:repo_hook repo | |
| Waffle | TRUE | TRUE | user:email repo read:org | |
| Heroku Dashboard | TRUE | TRUE | repo | |
| Reviewable | TRUE | TRUE | read:org user:email repo | |
| SmartGit | TRUE | TRUE | repo user | |
| ZenHub | TRUE | TRUE | repo user:email | |
| Codecov | TRUE | user:email admin:repo_hook repo:status read:org | ||
| Read The Docs Community (.org) | TRUE | admin:repo_hook read:org repo:status user:email | ||
| pyup.io | TRUE | public_repo write:repo_hook | ||
| Travis CI | TRUE | read:org repo:status repo_deployment user:email write:repo_hook | ||
| Homu | TRUE | admin:repo_hook public_repo | ||
| Coveralls | read:org repo:status user:email | |||
| AppVeyor | read:org user:email | |||
| Greenkeeper | user:email read:org |
Note : Since we don't know which users have authorized these third party apps, we don't know what those users' permissions are on what repos and so the true impact could be less than what's shown here.