SECURITY.md (#169)

* SECURITY.md

* Update SECURITY.md

Author: aryanguptacsvtu

SECURITY.md

@@ -0,0 +1,53 @@
+# 🔒 Security Polspliticy
+
+Thank you for your interest in keeping the `splitwiser` project secure. This document explains how to report security vulnerabilities, what to expect after reporting, and how we handle disclosures.
+
+---
+
+## 🛡️ Reporting a Vulnerability
+
+If you discover a security vulnerability, **please do not open an issue** on GitHub.
+
+Instead, follow these steps:
+
+1. **Email the maintainer directly**
+2. Include the following details:
+   - Description of the vulnerability
+   - Steps to reproduce (if possible)
+   - Potential impact
+   - Any mitigation or workaround suggestions
+
+---
+
+## 🚫 Responsible Disclosure Guidelines
+
+We ask that you:
+- Do not publicly disclose the issue until it has been resolved.
+- Avoid testing vulnerabilities in a way that could disrupt services.
+- Act in good faith and with respect for user data and privacy.
+
+---
+
+## 📃 Disclosure Policy
+
+- We follow a **coordinated disclosure** approach.
+- We appreciate responsible reporting and will publicly disclose the issue only **after a fix has been released**.
+---
+
+## 🔄 Security Fixes & Releases
+
+Security fixes will be merged into `main` and any supported release branches. We will publish release notes describing the fix and migration steps when required.
+
+---
+
+## 🙏 Acknowledgments
+
+We value the contributions from the community and encourage responsible disclosure to help keep `splitwiser` safe and secure for all users.
+
+---
+
+## 🔒 Resources
+
+- [GitHub Security Advisories](https://docs.github.com/en/code-security/security-advisories)
+- [OpenSSF Best Practices](https://bestpractices.dev/)
+- [OWASP Top 10](https://owasp.org/www-project-top-ten/)