App Security reports permissions that aren't granted

In App Security, for an individual app, it will list sensitive permissions. When I go to manage permissions for that app, most of those permissions aren't actually granted. My first question is - is that list just what the app wants permissions for, not necessarily what its been granted? ... Below that is a section titled "permissions." There are permissions listed there too. This list doesn't match up with the actually granted permissions either. Sometimes, some of them match up if I assume that "other" includes the notification permission. ... So, I don't understand how to make this app security permissions audit useful. Am I missing something? Thanks! (I did read the "i" information pop-ups, didn't help)

The permissions that are requested by an app are what you would see in any notes on a given app. As you noted, the actual permissions granted in Android Settings are the ones that are actually being used. 

Seeing different permission lists, might depend on where you are seeing these lists. The list from the Google Play Store should be the latest information for the latest version. If you are also seeing a list in the 360 app, it may take a little time for that list to get sync'd with the developer's official list.