If the grantee is using their OAuth integration for platform abuse, that’s not the fault of the victim, and it’s surely a TOS violation of itself. They should have their API access revoked and the victim’s account should be restored.
I think you agree with OP, they just mixed up grantee and grantor (they use "granted" for grantee and "grantee" for grantor):
> If a user grants someone rights via a platform, then the explicit trust is that the granted party will abide by the platforms TOS in the same way the grantee would.
