I was looking through some error logs an app I was using was throwing and found the app didn't have these permissions to be able to look up a package ID in the owner profile.
I was wondering if the scope of these permissions had been investigated for good and bad actors to leverage .
Thanks