Yes sir you are correct ,
I think you are correct but again it is the responsiblity of github to protect our code and data in od=rder to maintain privacy alhtogh if someone is making repo publicly then no problem but if private repo is being used then that's a problem and this security should ensured by github.