The biggest thing to me would be if they offer a verifiable way to tie the modules offered in GitHub's package manager to the source hosted in GitHub. NPM's had a lot of weird issues with package takeover or malicious insertion, and GitHub, being where the source code generally is, has a real opportunity to address that.
