Why would anyone want to trust their precious personal information including real name, photograph, and friend list to some random guy from the internet? Would you publish it on reddit? On NH? On shady anonymous forums?
All of that information is already public. Anyone can get it from facebook (not just your friends), why would you care if already public information gets reposted?
Also the app didn't request access to your friends list.
If the app requires an email login, they could search for the email and for the vast majority of people it would return enough information to locate their facebook profile.
That's beside the point though. You're worried that a random person on the internet has access to publicly available information that the entire internet already has access to.
The only extra information you're giving out to the owner of the site by logging in with facebook is that you are a user of this site. The worse thing the owner can do is publish that fact.
That is the only foreseeable risk. I can't imagine enough people are concerned with that risk to make it worth most developer's time to address.
Also the app didn't request access to your friends list.