doc: use standard Google security policy for GitHub projects (#5062)

2025-12-19 09:33:53 +00:00 · 2025-08-01 12:12:32 -04:00
parent 7748e56153
commit d42e3f1e7f
2 changed files with 12 additions and 0 deletions
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -0,0 +1,8 @@
+# Reporting Security Issues
+
+To report a security issue, please use [https://g.co/vulnz](https://g.co/vulnz).
+We use g.co/vulnz for our intake, and do coordination and disclosure here on
+GitHub (including using GitHub Security Advisory). The Google Security Team will
+respond within 5 working days of your report on g.co/vulnz.
+
+[GitHub Security Advisory]: https://github.com/google-gemini/gemini-cli/security/advisories