update security policy

Author: ChristianLempa

SECURITY.md

@@ -0,0 +1,25 @@
+# Security Policy
+
+I take the security of my projects seriously. If you discover any security vulnerabilities or have concerns regarding the security practices advised this repository, please reach out to me immediately. I appreciate your efforts in responsibly disclosing the issue and will make every effort to address it promptly.
+
+## Reporting a Vulnerability
+
+To report a security vulnerability, please follow these steps:
+
+1. Go to the **Security** tab of this repository on GitHub.
+2. Click on **"Report a vulernability"**.
+3. Provide a clear description of the vulnerability and its potential impact. Be as detailed as possible.
+4. If applicable, include steps or a PoC (Proof of Concept) to reproduce the vulnerability.
+5. Submit the report.
+
+Once I receive the private report notification, I will promptly investigate and assess the reported vulnerability.
+
+Please do not disclose any potential vulnerabilities in public repositories, issue trackers, or forums until we have had a chance to review and address the issue.
+
+## Scope
+
+This security policy applies to all the code and files within this repository and its dependencies actively maintained by me. If you encounter a security issue in a dependency that is not directly maintained by me, please follow responsible disclosure practices and report it to the respective project.
+
+While I strive to ensure the security of this project, please note that as an individual developer, there may be limitations on resources, response times, and mitigations.
+
+Thank you for your help in making this project more secure.