From 8a242956acfc72f629a86addc7c04bc3caa1c056 Mon Sep 17 00:00:00 2001
From: Ave <ave@ave.zone>
Date: Wed, 12 Jun 2019 23:05:47 +0000
Subject: [PATCH] Create SECURITY.md

closes #36
---
 SECURITY.md | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..00623b2
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,22 @@
+# Security Policy
+
+PRs to this file to improve wording are welcome.
+
+Please do not try to exploit public instances if it's going to cause harm, instead, set up your own instance of robocop-ng.
+
+Breaking "database" files, running arbitrary code, using an unprivileged uesr to do something user can't normally do (editing channels or guild, deleting others' messages, making bot do an @e or @h mention, reading channels that user can't read, writing to channels user can't write to etc) are all considered harmful.
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version      | Supported          |
+| ------------ | ------------------ |
+| Latest git   | :white_check_mark: |
+
+## Reporting a Vulnerability
+
+If the vulnerability fits into the "harmful" category specified above, then please email arcab [at] ave [dot] zone with details, as creating a public issue may cause it to be abused on public instances.
+
+If not, please open an issue.