That may have been the case with GitHub. Gitlab claimed that it fell into the same category as zero-day exploits (which is ridiculous), and that as such posting it wasn't responsible disclosure and it thus violated their ToS.
Sounds like he contacted some of the sites in the article and they blew him off ("We are 100% secure, don't you see the Verisign badge?!"). But yeah, that still makes sense that it could be pulled for that reason.
It's not just that it makes sense, that's what GitLab said. I can't find the link right now, but it's on the earlier HN post about Github/lab taking it down.
