This has a really big security flaw, if the creator wanted to be mischievous he could change his js file to do things to your logged in github account, for example set your privet repositories public.
If you want to use it you should fork it and change to bookmarklet to use your fork of the js file.
And I would always lean to the side of trust in people, I wouldn't expect you or most people here to abuse it.
Its a little bit of a pet hate, the suggested linking to JavaScript files in another persons repository. The worst was the HTML5 Shim, for a long time they suggested linking directly to their svn repo, fortunately they don't now. It was about the same time people started thinking about using the google cdn for javascript libraries and so people just did it thinking they were helping their page load times when in fact they were compromising the security of their users and themselves.
Using Google CDN places no more trust in Google than using Google Analytics or AdSense. Unless your site handled sensitive data or is mission critical, I believe it's reasonable to trust Google not to do anything malicious.
It's worth noting that the same issue exists with Chrome extensions. I wonder how strong a Google password the authors of popular Chrome extensions have.
Just thinking about this, what's needed is some kind of trusted public cdn that you can send files to but cannot change so that library writers can point towards a cdn hosted version of the library without running one themselves and removing security vulnerability.
I suspect that JS that didn't depend on the page-load to trigger it would work too. I had never considered looking at JS-enabled pages though. When I wrote my bookmarklet, I just needed to view static documentation.
Edit: I found a page with only on-click JS events, and they didn't work. Oh well...
There has ben more than a few times that I've wished to be able to do this while browsing trough random github repos, kudos to the developer, this looks very handy!
I mean, it has virtually nothing to do with git.