Create SECURITY.md

modelcontextprotocol · Nov 19, 2024 · 8fee185 · 8fee185
1 parent ec74e7a
commit 8fee185
Showing 1 changed file with 22 additions and 0 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,22 @@
+# Security Policy
+Thank you for helping us keep the SDKs and systems they interact with secure.
+
+## Reporting Security Issues
+
+This SDK is maintained by [Anthropic](https://www.anthropic.com/) as part of the Model Context Protocol project.
+Anthropic takes security seriously, and encourages you to report any security vulnerability promptly so that 
+appropriate action can be taken.
+
+Our security program is managed on HackerOne. Please report any security issues via https://hackerone.com/anthropic-vdp.
+
+## Responsible Disclosure
+
+We appreciate the efforts of security researchers and individuals who help us maintain the security of
+the SDK. If you believe you have found a security vulnerability, please adhere to responsible
+disclosure practices by allowing us a reasonable amount of time to investigate and address the issue
+before making any information public.
+
+## Policy
+
+See our vulnerability disclosure policy at [HackerOne](https://hackerone.com/anthropic-vdp) for further
+details.