I think there’s a clear cut case with personal-files when a snap manages its own configs.
There’s a less clear case when we have an ecosystem of related tools (but not with one single upstream) that deal with the same pieces of config, the config of the central bit/hub of that ecosystem.
The question is a bit whether there are clear expectations on the part of the person installing the snap what it will touch/have access to, we have also no good mechanism right now to surface this information before installing.
At the moment we are also missing a mechanism that @niemeyer mentioned which is when we grant connection only to a very privileged interface we cannot enforce that the plug name makes it clear what it is about. We discussed having for this slot-names/plug-names constraints in the declaration language.
In the end cargo-culting instructions about connecting things is also not a good outcome.