![](/static/253f0d9b/assets/icons/icon-96x96.png)
![](https://lemmy.hogru.ch/api/v3/image_proxy?url=https%3A%2F%2Flemmy.world%2Fpictrs%2Fimage%2F9e6bcbaf-e5b9-445c-a3f5-255336634901.jpeg)
I agree. To your last point, I think you need to add more nuance. Lots of apps can take pics and thus require access same as mic. It’s not always a red flag until it is, which naturally should bring you back to a threat model you are comfortable with when analyzing whether permissions are valid
VS code is trash so not much of a challenge there