Used to be that way! But actually for security reasons, it was better for us to operate out of a separate domain. The github.com domain is very locked down for good reason.
Also, various boring realities around SSL termination made deployment difficult in a github.com domain. This was the expedient solution. Not phishing!
This happens all the time because setting up an entirely new domain yourself is way less work than asking the internal IT team to set up a subdomain for you. If the GitHub IT team is reading this then yes, that means you failed.
I'd imagine it's less about setup complexity and more about reducing the attack surface of the main domain where any number of mistakes on the subdomain could expose a vulnerability for the main domain as well.
Also, various boring realities around SSL termination made deployment difficult in a github.com domain. This was the expedient solution. Not phishing!