I’m probably one of the few people still using a Pebble smart watch (still alive and kicking with Rebble!), and I’ve just gone through the app store and found a few cool apps that still work. Given that you have to give the Pebble android app quite a few permissions to be able to do its thing I’m now wondering if all the third-party apps can also access all those permissions. They’re mostly little FOSS one-person projects so I can probably have a nose through the source myself to check for dodgy behaviour, but does anyone know what the risks are in general?