That's really more of an issue if you are serving them directly via GitHub, or linking to GitHub. Presumably they have a local repo, so if someone did something nefarious with the revision history, it would be easy to detect, but having it online with revision history does make it more transparent.
Really, what we have here is the draft documents from which they publish their policies and guidelines, just like a public source repo is a draft repo from which production is deployed (hopefully).
Really, what we have here is the draft documents from which they publish their policies and guidelines, just like a public source repo is a draft repo from which production is deployed (hopefully).