bits-and-blooms/bitset

Add Security Policy

Closed this issue · 1 comments

Adding a Security Policy is important to provide guidance on how users can report potential vulnerabilities and communicate when vulnerabilities will be confirmed, fixed and disclosed to the public.

I recently recommended #118 and, like that change, this one is also considered a good practice and is recommended by GitHub and Scorecard.

If you agree, I can open a PR to suggest a Security Policy! We can then work together to communicate how the repo can best handle vulnerability reports.

Additional Context

Hi again! I'm Gabriela and I work on behalf of Google and the OpenSSF suggesting supply-chain security changes :)

Sure! Please go right ahead, @gabibguti! The following might be useful:

# Security Policy

## Reporting a Vulnerability

Please use the following contact information for reporting a vulnerability:

- [Daniel Lemire](https://github.com/lemire) - daniel@lemire.me