As per other NSA released projects like selinux, I'm sure people here will doubt the intentions behind this project. I have only had a bit of time to look it over so far, but it looks pretty neat. I think we need to remember before doubting this, that the intentions of the NSA for the most part are to protect American citizens and businesses. Releasing tools to help them further this are generally in interest of that.
I'm sure there is some way for them to get through tools like selinux if they encounter it, but for that particular toolkit I'm sure that any potential pitfalls in that respect are far outweighed by the standard criminal hackers or state sponsored attackers, having a harder time breaking your systems.
There's groups in NSA that periodically release things to benefit government and industry. This is probably one of them. It looks like the kind of straight-forward thing a small team in government would put together. However, we also know the organization poisons solutions. So, I'd either review and rebuild from 3rd party source anything in this project; or avoid it in favor of a solution from a provider with a different mission.
Besides, I'm sure the cloud and IT security communities have published better stuff elsewhere given the difficulties. If anything, NSA's IT seems behind the times again.
I'm sure there is some way for them to get through tools like selinux if they encounter it, but for that particular toolkit I'm sure that any potential pitfalls in that respect are far outweighed by the standard criminal hackers or state sponsored attackers, having a harder time breaking your systems.