I don't understand. If a public github project's CLI was being used to access workspace, then clearly they had the APIs for it open? How can they restrict how people do that?