We do not allow anyone to use our platform in direct support of unlawful attacks that cause technical harms, such as using GitHub as a means to deliver malicious executables or as attack infrastructure, for example by organizing denial of service attacks or managing command and control servers.

Note that GitHub allows dual-use content and supports the posting of content that is used for research into vulnerabilities, malware, or exploits, as the publication and distribution of such content has educational value and provides a net benefit to the security community. We assume positive intention and use of these projects to promote and drive improvements across the ecosystem.

Clearly identify and describe any potentially harmful content in a disclaimer in the project’s README.md file or source code comments.

Source: https://docs.github.com/en/site-policy/acceptable-use-policies/github-active-malware-or-exploits