docs: add SECURITY.md vulnerability disclosure policy [compliance]

MRJR0101 · MRJR0101 · commit 5f1ff128ff14 · 2026-03-27T01:03:35.000-05:00
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,14 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+To report a security vulnerability, please email rawlsjrm@gmail.com directly.
+
+**Do not open a public GitHub issue for security vulnerabilities.**
+
+You can expect a response within 7 days. If the issue is confirmed, a fix will
+be prioritized based on severity. You will be kept informed throughout the process.
+
+## Supported Versions
+
+Only the latest release on the default branch receives security fixes.
