There are several differences in how GitHub (and other forges) treat pull requests that come from forks vs. pull requests that come from branches in the main repository. These differences are due to security concerns, and you certainly want them to be in place for pull requests from potentially malicious sources.

However, these can also cause problems for contributions from well-meaning external contributors. For example, GitHub Actions workflows will run within a fork (though not successfully if secrets are required.) If core devs are not working from forks, they may not be aware that this is an annoyance to external contributors. By working from forks, it will annoy the core devs as well, and they’ll add the necessary if-statement to prevent the workflow from running in a fork.

In some cases, it is essential that PRs use repository secrets. PRs from forks cannot use secrets. In this situation, it is reasonable to have core developers work off of branches of the main repo.

Some developers have also expressed concern that the workflow for a different user checking out and continuing a PR is somewhat more complicated when the PR comes from a fork. However, this obstacle is easily surmountable.