Create SECURITY.md

SECURITY.md

@@ -0,0 +1,54 @@
+# Security Policy
+
+## Supported Versions
+
+We actively maintain the latest release of Aim.  
+Older versions may not receive security patches.
+
+| Version | Supported          |
+|---------|--------------------|
+| Latest  | ✅ Supported        |
+| Older versions | ❌ Not guaranteed |
+
+---
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability in Aim, we strongly encourage you to report it responsibly.
+
+Please **do not open public GitHub issues** for security vulnerabilities.
+
+### To report a vulnerability:
+- Contact us via **[email protected]** (or if not available, reach out through [[email protected]](mailto:[email protected])).
+- Include a detailed description of the issue.
+- Provide steps to reproduce the vulnerability.
+- If possible, suggest potential fixes or mitigations.
+
+We are committed to working with researchers to responsibly resolve security issues.
+
+---
+
+## Disclosure Process
+
+Once a report is received:
+- We will acknowledge receipt within **5 business days**.
+- We will investigate and validate the vulnerability.
+- We will work to develop a patch and release it promptly.
+- We may coordinate a public disclosure timeline with you.
+
+---
+
+## Our Commitment
+
+- We value and appreciate the efforts of the security community.
+- We strive to address security issues promptly and transparently.
+- Responsible disclosures are eligible for public acknowledgment if desired.
+
+---
+
+## Thank You
+
+Thank you for helping improve the security and reliability of Aim.  
+Your contributions ensure a safer experience for all users.
+
+---