https://archive.org/ indicates the unauthorized links appeared on http://www.xenonauts.com/ by 10/29/13. They did not get removed until after I started this thread on 8/13/14, for a total of at least 9.5 months. They then re-appeared by 10/7/14 and are still there (coming up on another month now).
It appears the hack you are referring to was a separate incident and whoever removed the links on 8/13/14 just removed the links but didn't actually fix the backdoor that allowed the hacker in in the first place.
Saying "there couldn't have been any contamination" is premature when you have not yet even identified and fixed the currently existing backdoor.
If anyone has access to both the website and Xenonauts repositories and used the same username and password on both, or the admin account uses the same password on both, or the website hack was achieved via the use of a backdoor installed on one or more computers at GoldhawkInt, or <insert many other common scenarios here>, then it is possible Xenonauts itself could be compromised as well.