Completely agree - our apologies for not making this explicit. See my answer above for why we ask for the permissions we do.
Part of the challenge is that, during the auth dialog, there's no way for us to explain why we're asking for permissions. This is true across every oAuth identity provider I've done integrations with - they don't give you a way to explain why you ask for something like "Manage Contacts".
For that reason, when we ask you to connect to Github, directly below the button we link to a page about security (right now only visible to logged in users, sorry about that):
Part of the challenge is that, during the auth dialog, there's no way for us to explain why we're asking for permissions. This is true across every oAuth identity provider I've done integrations with - they don't give you a way to explain why you ask for something like "Manage Contacts".
For that reason, when we ask you to connect to Github, directly below the button we link to a page about security (right now only visible to logged in users, sorry about that):
http://awesomebox.co/security
We should probably do the same whenever we ask for access to your Google Account. Really appreciate the feedback.