docs: add SECURITY.md

SECURITY.md

@@ -0,0 +1,51 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+The Decentraland team takes security vulnerabilities seriously. We appreciate your efforts to responsibly disclose your findings.
+
+### How to Report
+
+If you discover a security vulnerability in the Builder, please report it by emailing:
+
+**security@decentraland.org**
+
+Please include the following information in your report:
+
+- A description of the vulnerability
+- Steps to reproduce the issue
+- Potential impact of the vulnerability
+- Any suggested fixes (optional)
+
+### What to Expect
+
+- **Acknowledgment**: We will acknowledge receipt of your report within 48 hours.
+- **Communication**: We will keep you informed about the progress of addressing the vulnerability.
+- **Resolution**: We aim to resolve critical vulnerabilities as quickly as possible.
+- **Credit**: With your permission, we will credit you for the discovery in our release notes.
+
+### Guidelines
+
+- Please do not publicly disclose the vulnerability until we have had a chance to address it.
+- Avoid accessing or modifying other users' data.
+- Act in good faith to avoid privacy violations, data destruction, or service interruption.
+
+## Supported Versions
+
+We recommend always using the latest version of the Builder to ensure you have the most recent security updates.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| Latest  | :white_check_mark: |
+| < Latest | :x:               |
+
+## Security Best Practices
+
+When using the Builder:
+
+- Keep your wallet and private keys secure
+- Verify transactions before signing
+- Be cautious of phishing attempts
+- Use the official Decentraland Builder at [builder.decentraland.org](https://builder.decentraland.org)
+
+Thank you for helping keep Decentraland and its users safe!