One-click Security.MD PR

Open am0o0 opened this issue 4 years ago • 2 comments

If there is an option for hackers to automatically send a "Create a security.md file" request to each repository that they want to work on, this is going to be very good in my opinion... Because after a repository creates a policy, hackers can better and better find vulnerabilities according to the maintainer's desires (policies). Of course, the "Create a security.md file" content should be altered according to this proposal.

am0o0 avatar Aug 06 '21 18:08 am0o0

The content of the "Create a security.md file" issue should indicate to maintainers that they should create a good policy, including what security config should be set when bug hunters self-host their application, and also indicate what kinds of vulnerabilities can't be accepted.

am0o0 avatar Aug 06 '21 18:08 am0o0

@amammad - thanks for the idea here!

We are unlikely to implement this in the short term, as we recently released improvements to the maintainer outreach process. That said, we may circle around again once we re-focus attention on existing issues that may be occurring with the outreach mechanisms.

JamieSlome avatar Nov 08 '21 16:11 JamieSlome

tracked in #2129

psmoros avatar Nov 01 '22 23:11 psmoros