People can log into my app using their github account.
I manage to get "access_token" as described there: http://develop.github.com/p/oauth.html
Once I have that access_token, is it safe to let users access my app? Is the access_token the proof that I have a valid user or is there any further check I should do?
(Note: basically, I'm just using github as a login system, I don't need to access github api once I have checked the user's credentials and received the access_token)
Once you have the access_token then you are good to go.
Nothing more you need to do.