> As described in the first example of the article, you can make a fork, commit to it, delete your entire fork, and yet the data will still be accessible via the parent repo, even though no one ever forked or cloned or saw your fork. That is not intuitive at all.

But isn't that only the third vulnerability, that private forks are implicitly made public?

As I said, I won't defend that decision.