Only if you want to be able to unstar from the app, with the app doing it via the API. I'd much rather give it read-only public access and not be able to unstar from it.
It would be nice to at least have the option of not providing access to public repos. Actually, I suspect most people wouldn't mind not being able to manage private starred repos so perhaps all it takes is a simple change of the permissions being asked for.
I understand there are some R/W issues with the GH permission model, but I don't think there's any problems with separating access to public and private repos.
