This is totally an unintended consequence of the Github Oauth 2.0 setup. And I'm working on changing the authentication setup to avoid this. Since we really only need to read the username and email address.
There's an open issue for it, and I'll try to get to it in the next week.
Private email address
Private profile information
Followers
Looks like a cool application but I have no idea why you would need write access to any of the above.