Merge pull request #36 from ossf/add-security.md

hythloda · web-flow · commit ce9dae7f5f3c · 2024-02-16T16:10:44.000-05:00
Add simple SECURITY.md appropriate for a WG
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,12 @@
+# Security
+
+Per the
+[Linux Foundation Vulnerability Disclosure Policy](https://www.linuxfoundation.org/security),
+if you find a vulnerability in a project maintained by the OpenSSF,
+please report that directly to the project maintaining that code.
+
+If you've been unable to find a way to report it,
+or have received no response after repeated attempts, please contact the
+OpenSSF security contact email, security @ openssf . org.
+
+Thank you.
