First, a chat bot is not an API. Second, they were talking about the the formatting and delivery method of the data, not the content.
Regarding the output of the model: Some repos are entirely READMEs by their nature. No code, just documentation and walkthroughs. Notwithstanding that; If I set a flag that's says "don't use my data" and they use it anyway, that's theft, even if it's only one file, even if the file is just a description of the code. That's my work, not yours. You don't get to use it however you want, unless I specifically note that it's public domain (or you use it and follow the license, like attributing me, or linking to the repo, etc).
As to the difference between a bot and a human (re: stack overflow)? The former is a representative of a company (automation or not, whether it's a bot or a page on their corporate site), the latter is a person relating experience and opinion. The legal difference is that one is using the data commercially, and the other is just a person in the world, answering another person's question for no reason other than a desire to be helpful (and if they're decent, attributing the source instead of claiming that they're generating wisdom on their own).
That last parenthetical used to be called plagiarism, by the way.
"Best practice" isn't a catch-all rebuttal. Best practices are contextual. I'm keen to see your justification for encryption beyond "all sites should encrypt everything always".
My assertion is that this isn't necessary in this case. Why do you think that it is necessary to encrypt open-source, freely available, non-controversial site content?