Chomp currently wants to access my location, list of running apps, and sensitive log data. An SMS app has no business looking at any of these things, so the developers must either be really sloppy to choose such invasive permissions, or else they must be deliberately using the app to harvest information from users. Either way, I will be recommending that people avoid Chomp until this is fixed.