We should add a security policy to our repository to inform about how potential security issues can be reported to the team. See also the info about this in the github documentation:

https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository