Your second paragraph directly contradicts the first.
Since you cannot fix information leakage from LLMs, you must remove the information so that it cannot be leaked. There is no contradiction there.
The point is that Github can’t fix it. It’s the user’s responsibility to not grant access to accounts that shouldn’t have access to the resources in question.
Since you cannot fix information leakage from LLMs, you must remove the information so that it cannot be leaked. There is no contradiction there.