From ee190b604985446e4c16163f4f6164bfec473f9a Mon Sep 17 00:00:00 2001 From: CaIon Date: Wed, 6 May 2026 20:17:05 +0800 Subject: [PATCH] docs(security): add bulk reporting policy with block warning Uncoordinated bulk vulnerability submissions have caused significant disruption. Added a prominent notice requiring prior coordination for bulk reports, with clear consequences: closure without review and potential blocking of repeated offenders. --- .github/SECURITY.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/SECURITY.md b/.github/SECURITY.md index f940bee4..a58ce078 100644 --- a/.github/SECURITY.md +++ b/.github/SECURITY.md @@ -1,5 +1,13 @@ # Security Policy +> [!IMPORTANT] +> **Bulk Reporting Policy:** If you need to submit multiple vulnerability reports in bulk, **you must contact us first** (support@quantumnous.com) to coordinate the submission process. Uncoordinated bulk submissions have caused significant disruption to our team, and we will take the following actions: +> +> 1. **All uncoordinated bulk reports will be closed without review.** +> 2. **Repeated offenders may be blocked** from further submissions. +> +> We welcome thorough security research, but please reach out before submitting multiple reports. + ## Supported Versions We provide security updates for the following versions:
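Review bot: The added `[!IMPORTANT]` block never says what counts as "in bulk". The opening sentence says "multiple vulnerability reports in bulk" and the closing sentence says only "before submitting multiple reports", so a researcher with two or three findings cannot tell whether prior coordination is required before their reports fall under item 1. Suggest stating a concrete threshold (a number of reports within a time window, chosen by the maintainers) and listing what the coordination e-mail to support@quantumnous.com should contain. Item 1 also closes reports "without review", which means a valid finding inside an uncoordinated batch is dropped with no stated way back. Consider adding a sentence on whether the reporter may resubmit after making contact. The commit message says the notice has "clear consequences", but the notice does not define "repeated offenders" either; a short definition would keep enforcement predictable.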