Create a Security Policy

[achesin]

Hi team, I've noticed that there is not a security policy for this project. GitHub recommends that projects have a Security Policy (SECURITY.md). This is a simple document that explains how the project wishes to receive and handle responsible disclosure of potential vulnerabilities, hopefully reducing public exposures.

There are a few ways to receive such disclosures:

• have an email or website available to receive such reports; and/or
• use GitHub's private vulnerability reporting feature.

If you're interested in GitHub's feature, it must be activated for the repository by:

1. Open the repo's settings
2. Click on Code security & analysis
3. Click "Enable" for "Private vulnerability reporting (Beta)"

If you activate that, I can send a PR suggesting a Security Policy markdown file afterwards. Thanks!