Posted as supermarkt/checkjebon#22.
Title:
Document contributor and security reporting workflow
Body:
Hi maintainers. I ran a local maintainer-readiness audit with `oss-signal` and noticed a few lightweight repository-health files that could make future contributions easier to triage:
- `CONTRIBUTING.md` for local setup, tests, and review expectations
- `SECURITY.md` for private vulnerability reporting
- `.github/ISSUE_TEMPLATE/bug_report.md` for reproducible bug reports
- `.github/PULL_REQUEST_TEMPLATE.md` for test and docs checklists
GitHub's community profile already detects the README and license, so this would mainly document maintainer workflow rather than change product code.
I can open a focused PR with starter templates if that would be welcome. If these files are intentionally omitted, no problem; feel free to close.
Local report: supermarkt-checkjebon-report.md