Update SECURITY.md with contact information and clarifications

Added preferred contact methods for reporting vulnerabilities and clarified the security policy.

Author: AmaLS367

SECURITY.md

@@ -0,0 +1,28 @@
+# Security Policy
+
+## Supported Versions
+This project is maintained on a best-effort basis.
+Security fixes are provided for the latest version on the default branch.
+
+## Reporting a Vulnerability
+If you believe you have found a security vulnerability, please report it privately.
+
+Preferred contact:
+- Email: amalsdev367@gmail.com
+- Telegram: @Amanel0
+
+Please include:
+- A clear description of the issue and potential impact
+- Steps to reproduce (proof of concept if possible)
+- Affected versions, commit SHA, or branch name
+- Any relevant logs or screenshots (remove secrets)
+
+## Disclosure Policy
+Please do not open public issues or pull requests for security reports.
+We will acknowledge your report and work on a fix as soon as possible.
+After the issue is resolved, we may publish a short note describing the fix.
+
+## Safe Harbor
+We support good-faith security research.
+Do not exploit the vulnerability beyond what is necessary to demonstrate it.
+Do not access or modify data that is not yours.