Create a security.md

[Dipanita45]

The project handles sensitive legal documents and claims strong security/privacy features (encryption, secure storage, GDPR compliance, no third-party sharing). However, the repository currently does not include a SECURITY.md file that explains how security vulnerabilities should be reported.

Proposed Change:

Add a SECURITY.md file including:

Private process for reporting vulnerabilities (avoid public issues)

Preferred contact channel for disclosures

Responsible disclosure guidelines and response timeline

Scope of security concerns (document data, storage, auth, API)

Why this is important:

Provides a safe path for reporting vulnerabilities responsibly

Strengthens trust for startups/entrepreneurs using the platform

Aligns the project with GitHub/open-source security best practices

I’m a SWoC’26 contributor and would be happy to work on this if assigned.

[reshma2004]

Hi @Manoj-14 ! Please assign this to me. I have generated this file. Also please include the email address to include in this file in case of reporting vulnerabilities. I will create a PR once you assign. Also I see implementation of Horizontal Pod Autoscaling and Blue-Green Ready with Kubernetes deployments yet to be done in README.md. Can you please assign these issues to me.

[Amangp]

Hi @Manoj-14 👋
I’d like to work on this issue under Social Winter of Code 2026 (SWoC’26).

I can add a well-structured SECURITY.md following GitHub best practices, clearly documenting the vulnerability reporting process, responsible disclosure guidelines, scope, and response timelines, while keeping it aligned with the project’s privacy and security claims.

Please assign this issue to me if it’s available. Thank you!

[Amangp]

hi @Manoj-14 ,
this is to check if the issue is still available .

[Dipanita45]

Please assign me this issue