Before I allow this read access to all of my code, what kind of checks should I run through on GitMonKey as an organisation/product?
Edit: when I try to go back to the homepage from the "Install GitHub Integration" page, I'm redirected back. Probably just paranoia.. but still. I want to learn more about the people behind this before clicking this button.
Edit 2: no Twitter, no incorporated entity, no names of the people behind this, nothing to reassure. No account management screen I can see, no way to revoke GitMonkey's access. Is this just a massively dodgy idea?
You wouldn't revoke its access on their end, you'd do it on GitHub's end: https://github.com/settings/applications
Otherwise, GH would still have the approval on file (there's no way for them to know you deauthorized on the GitMonkey side) so they'd instantly be able to get a token again.