My point is that it's a lot easier to happen accidentally when the upload happens automatically and without intervention. With git, you directly specify what files you're committing (with the .gitignore as an additional safety net) and when that commit happens. It's all manual.
If I'm testing an app and I want to hard code an API key for testing, and I'm using Github, it's not a problem. I have to explicitly commit that file. Now, I have to both remember that Kite uploads everything, and avoid using that workflow at all, and use the .kiteignore thing (which is another random dotfile in my repo, great).
Again, I go back to your whole issue with how an inexperienced user of Kite can easily shoot themselves in the foot. The same applies to Git: 'git add .' and push.
Yes, you are correct in that an inexperienced Git user can mess up, I won't deny that. My issue here is that Kite requires you to proactively place a .kiteignore, before even whitelisting a directory. It also doesn't alert you that it's about to start indexing the files in the directory tree or that you need to add a .kiteignore to protect sensitive files before you whitelist them. At a minimum they should be respecting the existing .gitignore, and realistically they just be scrubbing all strings before sending any data.
I can 'git add .' and commit my life away, but that requires much more intention and explicitness than clicking enable on a prompt and continuing your standard workflow (ie: a simple 'vi super_seceret_file.py')
There are things like GitFS, but I imagine those aren't part of an average developer's workflow.