I don't know what app you're talking about, but I find the fact that it uses OAuth disturbing: in my knowledge, HN doesn't officially support OAuth. So your app must interact with a third party endpoint. (I may be wrong here, it's just speculation). In any cases, it doesn't seem more trustworthy than typing your credential "directly in the app".HNBuddy interacts with the HN website through a web scraper that is open source [1]. Though, as discussed in another comment, I can't really give you any proof that the code of this scraper is the actual code built in the app.
Anyway, if you don't trust me, you can still use the app as a simple reader :)
[1] https://github.com/tsucres/HNScraper
willyyr|8 years ago