FWIW, I agree GH shouldn’t have banned OP. But … I’m pretty sure they weren’t giving out access to control OP’s account through a standard SSO flow, as OP assumed. Massively more likely, OP just didn’t pay attention, and granted said access explicitly during an OAuth2 authorization code flow.
My entire point is that they did explicitly grant the permissions and that if you see a dialog like this: https://i.stack.imgur.com/Iol8j.png
And you're ready to hand over even the first 3 items there, you're not likely to assume or even notice that github stars about to get you knocked out of orbit.
I know this is a place of hubris but it almost comes across as a strange lack of self-awareness that this many people actually think they'd have caught that.
