Right. I don't think I've done that with Skype on my Mac. – Picking it from a view within the app, or perhaps even dragging it from the Photos app could definitely activate the system call. Dragging it from the desktop or any other location through Finder shouldn't, seeing it's not interacting with the system's photo library, just a regular file handler.
Makes good sense. I wouldn't worry about Firefox, as it's open source and people check and audit the code to make sure nothing fishy is happening there.
I also would think Skype to be safe in that aspect, since Microsoft probably wouldn't take the risk considering they see Skype as a business platform; Then again they could consider Skype and Skype for Business different enough products to incorporate data-mining in the regular Skype to sell to advertisers. But EU GDPR regulations mean that they'd have to make it obvious to the user that they were doing it, and require explicit consent, not just something burried in a 200 page EULA. That is, they could theoretically make such consent actions only be present in the EU version of Skype, but most companies don't want the hassle of differentiating their products too much between markets if it can be avoided, so they don't have to maintain separate codebases.
If you don't use Photos access in the app, I'd encourage disallowing it again from System preferences to be entirely on the safe side, but I think you're alright regardless.