As presented in Google's documentation, on one side, we have the user at the keyboard and on the other side, the script's author who installed the trigger; that is one aspect of the question and the other is the type of trigger: simple or installable.

Simple triggers run as the user at the keyboard, whether they are anonymous or logged in as an authorized editor, and therefore, simple triggers can only perform actions that don't require specific authorization or to connect to any service that needs authentication.

Following the same logic and knowing that triggers respond to events without informing the user, that is, silently, any installable trigger created by the script author will always run as if the author was running it, that is, under the authority of the author who installed the trigger.

That logic is very simple and easy to understand, but it's important to remember that when setting up a script that uses triggers.

We have seen before that some scripts require authorization before they actually execute; this is the case when a script is able to modify something or perform some action under the user's authority. For example, if you use a script to send an e-mail from your account, you would expect the script to warn you before doing it, right?

So it does; every reference or call to a nonanonymous service in a script file is analyzed when we try to run any function in that script or try to save a trigger for that script (by navigating to Resources | Current project's trigger | Add a new one in the menu bar) and ask for explicit authorization before its execution.

If you are not the owner of the script and you try to execute such a function, you will also be asked for explicit authorization, receive an e-mail that confirms that you have granted this script access to your data, and get a link that you can use to revoke the authorization.

This might seem like a complex procedure, but it's really a major security and privacy aspect that Google took care of, to handle in a secure manner.