My buddy Phil recently encountered an interesting example of unintended consequences by starting down the (initially nonthreatening) path of trying to integrate a third-party site with a GitHub organization. It turns out the default access control configuration of a GitHub organization allows any member of the organization to grant third-party apps access to the data in that organization.
Go back and read that again.
Then read Phil’s writeup for some more details. This gives me plenty to think about.