Revise security reporting guidelines in SECURITY.md (#1045)

Updated the SECURITY.md file to clarify reporting policies and response times.

Author: badmonster0

.github/SECURITY.md

@@ -0,0 +1,26 @@
+# Security Policy for CocoIndex
+
+## Reporting a Vulnerability
+If you discover a security vulnerability in CocoIndex, please report it responsibly to our security team:
+
+**Email:** [[email protected]](mailto:[email protected])
+
+⚠️ Please do not file GitHub issues for security vulnerabilities as they are public! ⚠️
+
+Please provide:
+- A detailed description of the vulnerability
+- Steps to reproduce the issue
+- Any relevant logs, screenshots, or proof-of-concept code
+
+We will acknowledge your report promptly and work with you to resolve the issue.
+
+## Scope
+This policy covers security issues related to CocoIndex open-source software.
+
+## Response & Disclosure
+- We aim to respond as soon as we can.
+- Security fixes will be released as soon as practical after verification.
+
+---
+
+Thank you for helping us keep CocoIndex secure!