On first start you have to login to you GitHub account. But the login comes not from the standard browser. https://prnt.sc/8HUPdBzRjiqs So I do not know from where the page is, looking like GitHub login, nor where the data is sent. Any fraudulent app uses such data scam page. I have to entrust my highly sensitive credentials to an unknown/untrusted third-party application? This is not acceptable. (and also not necessary) Solution: Open the GitHub authentication request in the default browser. In the trusted default browser, you are already logged in, so no transfer of personal credentials is usually required. This ensures that no third-party application knows the credentials.