Well, I am under the impression that even a static page can have security flow, because of this article : https://medium.com/cyberdefendersprogram/making-your-jekyll-...

I think it might not concern a website hosted on github pages, but I wanted to confirm that with people more knowledgeable than me on the matter.