-
Hello again!
Scanning this repository with scorecard reports around 10 vulnerabilities. Scanning it again with OSV, you get the following vulnerabilities:
Would it be somehow possible to make these vulnerabilities visible to make people aware? Could, for example, a scorecard badge be added to the repository?
We are considering using spectral at our organization to lint our OpenAPI descriptions. But this repository having a quite low scorecard rating makes it difficult for us to adopt the tool.
Thanks in advance. And thanks for providing such a nice tool for OAS linting.
Regards,
-
Hi,
Would it be possible to add a SECURITY.md file to this repository to define a security policy?
I have no experience with this, but here's a guide describing how it can be done: Adding a security policy to your repository.
This would help increase the project's OpenSSF Scorecard rating.
Thanks in advance.