From 937939710a3cd1244b9cf1e75469c9552671a0d1 Mon Sep 17 00:00:00 2001 From: k4yt3x Date: Sat, 23 Nov 2024 00:00:00 +0000 Subject: [PATCH] docs(security): add a security policy Signed-off-by: k4yt3x --- SECURITY.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..7ea994a40 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,14 @@ +# Security Policy + +## Reporting a Vulnerability + +- **Email**: Send vulnerability reports via email to [github@k4yt3x.com](mailto:github@k4yt3x.com). +- **Details**: Include description, impact, reproduction steps, and proof-of-concept if applicable. +- **Confidentiality**: Do not disclose vulnerabilities publicly until a fix is released. + +## Response Process + +1. **Acknowledge**: We will acknowledge receipt within 48 hours. +2. **Assess**: Initial assessment and response within 7 days. +3. **Fix**: Develop and release a patch promptly. +4. **Credit**: Acknowledge contributors unless anonymity is requested.
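Review bot: The "Reporting a Vulnerability" section lists a plain email address as the only channel, with no way to encrypt a report that is expected to carry reproduction steps and a proof-of-concept. Consider publishing a PGP key next to the address, or offering GitHub's private vulnerability reporting as an alternative. In "Response Process", step 3 ("Develop and release a patch promptly") has no time bound, unlike steps 1 and 2 (48 hours, 7 days). The Confidentiality bullet likewise asks reporters to wait "until a fix is released" with no upper limit, so a target fix window or a maximum embargo period would make the commitment concrete for both sides. The policy also does not state which versions receive security fixes, so a short supported-versions section would help reporters know whether an issue in an older release is in scope.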