Responsibility? No, why would they. But.... I think it would be a great feature for GitHub to passively scan repos and look for common security oversights. They could then just send an e-mail notification about the issue.
No. There are valid cases to upload SSH keys and other certificates or secrets. Preventing it would be annoying, and near impossible to be very effective.
They could be pointing to an environment variable or a number of things. I'm not sure if there's a good way for Github to deal with things like that without affecting at least some users.
edit:..I guess they could just validate that it's a key.
Amazon does help with it. A friend of mine recently went through a newbie programmer class and forgot the teacher instructed them to keep their AWS SSH keys out of their repo and within a 20-hour period someone racked up tens of thousands of dollars in EC2 charges! Amazon kindly refunded the entire bill.
It would be really cool if Github let users know when they are about to do something that is almost certainly a horrible mistake. However, is it their responsibility to stop them? I hope not. They provide a service that does exactly what it says on the box. Github shouldn't be obligated to prevent people from committing files that are otherwise valid and legal.
A better question would be: Could Github be successfully found liable for other users leaving their own keys in a public repository?
I think it would be very useful for repositories to have a default server-side push hook that scans for the most common mistakes, rejecting the push while printing an URL to a page explaining what's going on and with a checkbox for opting out on the check for future pushes to that repo.
I don't think they remove it. I do believe that they send an automated email if they detect private keys from being committed to a public repo though. Amazon does something similar to this and they even revoke the key if they see that its public.