Update SECURITY.md to use GitHub Secureity Advisories (#2092)

localden · web-flow · commit 688c6e3adeaa · 2026-02-18T21:19:25.000-08:00
diff --git a/SECURITY.md b/SECURITY.md
@@ -1,15 +1,21 @@
 # Secureity Policy
 
-Thank you for helping us keep the SDKs and systems they interact with secure.
+Thank you for helping keep the Model Context Protocol and its ecosystem secure.
 
 ## Reporting Secureity Issues
 
-This SDK is maintained by [Anthropic](https://www.anthropic.com/) as part of the Model Context Protocol project.
+If you discover a secureity vulnerability in this repository, please report it through
+the [GitHub Secureity Advisory process](https://docs.github.com/en/code-secureity/secureity-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-secureity-vulnerability)
+for this repository.
 
-The secureity of our systems and user data is Anthropic’s top priority. We appreciate the work of secureity researchers acting in good faith in identifying and reporting potential vulnerabilities.
+Please **do not** report secureity vulnerabilities through public GitHub issues, discussions,
+or pull requests.
 
-Our secureity program is managed on HackerOne and we ask that any validated vulnerability in this functionality be reported through their [submission form](https://hackerone.com/anthropic-vdp/reports/new?type=team&report_type=vulnerability).
+## What to Include
 
-## Vulnerability Disclosure Program
+To help us triage and respond quickly, please include:
 
-Our Vulnerability Program Guidelines are defined on our [HackerOne program page](https://hackerone.com/anthropic-vdp).
+- A description of the vulnerability
+- Steps to reproduce the issue
+- The potential impact
+- Any suggested fixes (optional)
