See https://docs.reviewable.io/registration.html#github-authorizations where they document what they do with the permissions they request.
There are also some notes in their manual which suggest that an admin can revoke access to specific permissions, and it sounds like it will still function.
I’m an admin on a defunct GitHub org that I could experiment with and report back if other insights seem hard to come by.
That’s great feedback, thanks!