Bring GitHub collaboration tools to your small screens with GitHub for mobile.
It is expected that the GitHub for mobile apps include both the OAuth client ID and OAuth secret. The usage of Universal/Deep links (
github://) helps reduce the risk of any issue presented here by binding the OAuth callback directly to the GitHub mobile application.
The GitHub for mobile apps do not clear on-screen data when they are backgrounded. This is by design and does not present a security risk.
The GitHub for modile apps do not attempt to detect jailbreaked devices. This is by design and does not present a security risk.