Establish SECURITY.md: Define Security Policy and Vulnerability Reporting #403

@Saydan3

Description

Draft and add a SECURITY.md file to this repository that covers:

  • Guidance for security researchers regarding responsible disclosure and referencing any external bug bounty or vulnerability reward programs if applicable (e.g., HackerOne, Bugcrowd, etc.).
  • Clear procedures for reporting potential vulnerabilities—such as a link or email for responsible disclosure.
  • References to further information such as rules, scope, or FAQs if available.

Benefits:

  • Increases trust and provides a clear, secure pathway for reporting vulnerabilities.
  • Encourages responsible disclosure and transparency relating to security issues.

If any public bug bounty process or platform is in scope, include details and clearly link to the page. Otherwise, specify how to report directly or via other means. See GitHub’s example SECURITY.md for format reference: https://github.com/github/roadmap/blob/d47b19f9bb9367d6ef7383b8f041d43caa2fdca3/SECURITY.md

Metadata

Assignees: No one assigned

Labels: No labels

Type: No type

Projects: No projects

Milestone: No milestone

Relationships: None yet

Development: No branches or pull requests