Is it a good practice to grant pod update permission to the application code running inside a pod?

I have a scenario that requires the application running inside the pod to update the pod’s annotation through the API server's API. The reason I need to do this is that I am building a service discovery mechanism by watching the Kubernetes API Server:

  1. I have something generated at runtime and I want to deliver it to some other pods that run in the same cluster
  2. The other pods that listen to a specific service will be able to receive the annotation when the value is updated in 1.