Are there any file size limits?

Yes, see Technical Details .

Why does the app need “write” permission for the OAuth scope when allowing the Confluence instance for Github?

The app technically does not require “write“ permissions but unfortunately the GitHub API does not provide a read-only OAuth scope for public and/or private repos which is what our app needs and we are forced to use the “repo“ scope. Including GitHub documentation on Scopes for OAuth Apps as reference.