From 190f64991ef94558be30d0c31d0e6495f0bf4c3f Mon Sep 17 00:00:00 2001
From: mkagenius <mkagenius@users.noreply.github.com>
Date: Tue, 14 Apr 2026 11:24:13 +0530
Subject: [PATCH] Add SECURITY.md with vulnerability reporting guidelines

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---
 SECURITY.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..d510be2
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,12 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability in this project, please report it responsibly. **Do not open a public GitHub issue.**
+
+Instead, please use one of the following methods:
+
+- **Email:** [hello@instavm.io](mailto:hello@instavm.io)
+- **GitHub Security Advisories:** Use [GitHub's private security reporting](https://github.com/instavm/coderunner/security/advisories/new) to disclose the vulnerability confidentially.
+
+We take all security reports seriously and will respond as quickly as possible. Thank you for helping keep this project and its users safe.