Add security policy (#996)

commit: 0ff60731f803851cfd816205b32bb1dc6657c3b0 [log] [tgz]
author: Eugene Kliuchnikov <eustas.ru@gmail.com> Tue Jan 03 18:24:47 2023 +0100
committer: GitHub <noreply@github.com> Tue Jan 03 18:24:47 2023 +0100
tree: bc3fdbb52f2f127e0915fd94fffa7ae02ac61a31
parent: 81181ecfb62ec9474a5501ec26c1d14242b4face [diff]
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..c2a44c6
--- /dev/null
+++ b/SECURITY.md

@@ -0,0 +1,6 @@
+### Reporting
+
+To report a security issue, please use [https://g.co/vulnz](https://g.co/vulnz).
+We use g.co/vulnz for our intake, and do coordination and disclosure here on
+GitHub (including using GitHub Security Advisory). The Google Security Team will
+respond within 5 working days of your report on g.co/vulnz.
commit	0ff60731f803851cfd816205b32bb1dc6657c3b0	[log] [tgz]
author	Eugene Kliuchnikov <eustas.ru@gmail.com>	Tue Jan 03 18:24:47 2023 +0100
committer	GitHub <noreply@github.com>	Tue Jan 03 18:24:47 2023 +0100
tree	bc3fdbb52f2f127e0915fd94fffa7ae02ac61a31
parent	81181ecfb62ec9474a5501ec26c1d14242b4face [diff]