From 6f5ab8f1af0e0f882a264de73b8b0ce267e3ba44 Mon Sep 17 00:00:00 2001 From: Rehan Ahmad Date: Thu, 11 Jun 2026 13:42:27 +0530 Subject: [PATCH 1/2] docs: add SECURITY.md with vulnerability reporting policy --- SECURITY.md | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..b243ec2 --- /dev/null +++ b/SECURITY.md 
@@ -0,0 +1,53 @@ +# Security Policy + +## Supported Versions + +Security updates are currently provided for the latest code available on the `main` branch. + +| Version | Supported | +| ------- | --------- | +| main | ✅ Yes | + +## Contact Details + +To report a security vulnerability in **LocalMind**, please contact the maintainer through one of the following channels: + +- 👤 Maintainer Profile: [Github](https://github.com/imDarshanGK) +- 💬 Contact the maintainer through any social links listed on the GitHub profile + +> Please **do not** open a public GitHub issue for security vulnerabilities. + +## Expected Response Time + +| Action | Timeframe | +| ------- | --------- | +| Acknowledgement of report | Within 48 hours | +| Status update | Within 7 days | +| Patch / fix release | Within 30 days | + +## Responsible Disclosure Policy + +We follow a **responsible disclosure** policy: + +- Please report vulnerabilities privately before any public disclosure +- We request an embargo period of 30 days to investigate and patch the issue +- After a fix is released, you are welcome to publish your findings +- We will credit reporters in release notes unless anonymity is requested +- We deeply appreciate the efforts of security researchers and contributors who help keep the project secure 🙏 + +## What to Include in Your Report + +- A clear description of the vulnerability +- Steps to reproduce the issue +- Affected versions or components +- Potential impact assessment +- Proof of concept, screenshots, or logs (if applicable) +- Any suggested fix (optional but appreciated) + +## References + +- LocalMind Repository: https://github.com/imDarshanGK/localmind +- GitHub Security Advisories: https://docs.github.com/en/code-security/security-advisories +- OWASP Vulnerability Disclosure Cheat Sheet: https://owasp.org/www-community/Vulnerability_Disclosure_Cheat_Sheet +- Adding a Security Policy to Your Repository: 
https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository + From 90bdee06b8c3574422527b8da3af477e99705a9d Mon Sep 17 00:00:00 2001 From: Rehan Ahmad Date: Fri, 12 Jun 2026 17:47:43 +0530 Subject: [PATCH 2/2] Include Feedback --- SECURITY.md | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index b243ec2..9a1f1fe 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -42,12 +42,4 @@ We follow a **responsible disclosure** policy: - Affected versions or components - Potential impact assessment - Proof of concept, screenshots, or logs (if applicable) -- Any suggested fix (optional but appreciated) - -## References - -- LocalMind Repository: https://github.com/imDarshanGK/localmind -- GitHub Security Advisories: https://docs.github.com/en/code-security/security-advisories -- OWASP Vulnerability Disclosure Cheat Sheet: https://owasp.org/www-community/Vulnerability_Disclosure_Cheat_Sheet -- Adding a Security Policy to Your Repository: https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository - +- Any suggested fix (optional but appreciated) \ No newline at end of file
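Review bot: In PATCH 1/2, the "Contact Details" section gives no private reporting channel: it points to a GitHub profile and to "any social links listed on the GitHub profile", while the line right after it asks reporters not to open a public issue. Name one concrete confidential channel, for example a dedicated security e-mail address or GitHub's private vulnerability reporting for the repository, so a reporter knows where to send the report and when the 48-hour acknowledgement window starts. Minor points in the same hunk: the link text `Github` should read `GitHub`, and the policy does not say what the reporter may do if the 30-day embargo ends before a fix is released.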
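Review bot: In PATCH 2/2, the final line `- Any suggested fix (optional but appreciated)` is now left without a terminating newline (`\ No newline at end of file`); keep the trailing newline so this line does not show up as modified in later diffs. The subject "Include Feedback" also does not say that the whole References section is being removed; stating that, and the reason, in the commit message would make the history easier to follow.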