How can you audit GitHub OAuth permissions granted?


In light of the recent breaches of the GitHub OAuth tokens held by Travis-CI and Heroku, it seems prudent to review which services you've given GitHub OAuth access to, and what level of access.

Seeing which services have been granted some degree of access is easy. But I cannot see any way of discovering what level of access those services have -- and knowing this is really important. Advent of Code asks for read-only access to public information, which isn't concerning. But something like Travis-CI asks to be able to read private repos and for write access to commit status, webhooks, etc. It's an important difference.

So how can we see what the access level is for these services/applications?

Bonus: And is there a way to review that for organization members?

adam-p

The individual entries in the list can be clicked on and bring you to permission information. Somehow I totally failed to realize that.
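The question is really about the scopes an authorized application holds. For a token you control yourself (a classic personal access token or an OAuth token issued to your own app), GitHub reports the granted scopes in the `X-OAuth-Scopes` response header of any authenticated API request. The following is an added example, not code from the question or the answer: it reads that header and flags scopes that go beyond read-only access to public information, using the same distinction the question draws (private repos, commit status, webhooks). The `GITHUB_TOKEN` environment variable and the classification table are this example's own assumptions; the scope names are GitHub's.

```python
import os
import urllib.request

# Scopes that grant more than read-only access to public data.
# Scope names are GitHub's; which ones count as sensitive is this example's choice.
SENSITIVE_SCOPES = {
    "repo": "read/write access to all repositories, including private ones",
    "repo:status": "write access to commit statuses",
    "write:repo_hook": "create and modify repository webhooks",
    "admin:repo_hook": "full control of repository webhooks",
    "write:org": "write access to organization membership",
    "admin:org": "full control of organizations and teams",
    "delete_repo": "delete repositories",
    "workflow": "update GitHub Actions workflow files",
}


def parse_scopes(header_value):
    """Turn the comma-separated X-OAuth-Scopes header into a set of scope names."""
    return {s.strip() for s in (header_value or "").split(",") if s.strip()}


def audit_scopes(scopes):
    """Return {scope: reason} for every granted scope that is more than read-only.

    An empty result means the token can only read public information."""
    return {s: SENSITIVE_SCOPES[s] for s in sorted(scopes) if s in SENSITIVE_SCOPES}


def token_scopes(token):
    """Ask the API which scopes a token carries; GitHub returns them in the
    X-OAuth-Scopes response header of any authenticated request."""
    req = urllib.request.Request(
        "https://api.github.com/user",
        headers={"Authorization": "token " + token, "User-Agent": "scope-audit-example"},
    )
    with urllib.request.urlopen(req) as resp:
        return parse_scopes(resp.headers.get("X-OAuth-Scopes"))


if __name__ == "__main__":
    tok = os.environ.get("GITHUB_TOKEN")  # assumed: the token you want to audit
    if not tok:
        raise SystemExit("set GITHUB_TOKEN to the token you want to audit")
    found = audit_scopes(token_scopes(tok))
    if not found:
        print("no elevated scopes: read-only access to public information")
    for scope, why in found.items():
        print(f"{scope:18} {why}")
```

This only covers classic scoped tokens; fine-grained personal access tokens and GitHub App installation tokens use per-resource permissions and do not return this header.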