First of all, a GitHub app can only "act on your behalf" in the repository/organization where it's installed (which is only https://github.com/ByteLegendQuest). It has no permission to access any other resources outside.
When you finish the code challenges, you actually create a pull request on GitHub and trigger a GitHub action (which is opensource and you can examine the whole process). So "act on your behalf" means "invoke GitHub API to create pull request in github.com/ByteLegendQuest organization". The app won't and can't access any resources outside github.com/ByteLegendQuest organization.
I know the permission request looks a bit scary. But I'm an individual developer, using GitHub API/webhook/actions would be the easiest and cheapest solution for me.
First of all, a GitHub app can only "act on your behalf" in the repository/organization where it's installed (which is only https://github.com/ByteLegendQuest). It has no permission to access any other resources outside.
When you finish the code challenges, you actually create a pull request on GitHub and trigger a GitHub action (which is opensource and you can examine the whole process). So "act on your behalf" means "invoke GitHub API to create pull request in github.com/ByteLegendQuest organization". The app won't and can't access any resources outside github.com/ByteLegendQuest organization.
I know the permission request looks a bit scary. But I'm an individual developer, using GitHub API/webhook/actions would be the easiest and cheapest solution for me.