If you claim this airdrop, best practice would be to save the key, and then first rotate your github keys before claiming. In this way any potential security risk is averted.
The main goal of the Handshake airdrop was to get developers interested in using Handshake, but one of the sub-goals was to help incentivize good security practices. The airdrop process involves running a script on your private key[1], so you should naturally rotate your key after claiming your coins.
[1] https://namebase.io/airdrop