[codex] Improve open source documentation governance

[Pigbibi]

Summary

• add or link standard open-source governance docs from the README
• add CODE_OF_CONDUCT across the repository surface
• add missing CONTRIBUTING and SECURITY docs where this repository did not already have them

Validation

• git diff --check
• Markdown link check across repository docs

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 95f367cf4b

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Provide an actual private reporting channel

When GitHub private vulnerability reporting is not enabled for this repository, this policy tells reporters not to open a public issue but only gives a GitHub username; GitHub mentions/profile pages are not a guaranteed private contact mechanism. That leaves no actionable confidential path for credential or workflow-token disclosures, so the policy should include a concrete private channel or require enabling GitHub private vulnerability reporting.

Useful? React with 👍 / 👎.