CREEP.

22 OAuth grants we hold on third parties. 6 expanded scope beyond the original consent. 2 now request scopes the integration never uses.

Scope grows quietly. Liability grows with it.

SC-014 · LinkedIn SalesNav OVER-SCOPED

Granted: full profile read. Used: name + title only.

Re-authorize with minimum-viable scope, document delta.