docs: add security section to contributing guidelines

README.md

@@ -42,9 +42,9 @@ ways to get started.
 
 > **Note**
 >
-> Contributions must be made on
-> [the original repository](https://code.castopod.org/adaures/castopod) to be
-> accepted.
+> **Any** contribution made on a repository other than
+> [the original repository](https://code.castopod.org/adaures/castopod) will not
+> be accepted.
 
 ## Contact
 

docs/src/contributing/guidelines.md

@@ -15,10 +15,14 @@ developers managing and developing this open source project. In return, they
 should reciprocate that respect in addressing your issue or assessing patches
 and features.
 
-⚠️ Note that **any** contribution made on a repository other than
+::: info Note
+
+**Any** contribution made on a repository other than
 [the original repository](https://code.castopod.org/adaures/castopod) will not
 be accepted.
 
+:::
+
 ## Using the issue tracker
 
 The [issue tracker](https://code.castopod.org/adaures/castopod/-/issues) is the
@@ -26,6 +30,12 @@ preferred channel for [bug reports](#bug-reports),
 [features requests](#feature-requests) and
 [submitting pull requests](#pull-requests).
 
+## ⚠️ Security issues and vulnerabilities
+
+If you encounter any security issue or vulnerability in the Castopod source,
+please contact us directly by email at
+[security@castopod.org](mailto:security@castopod.org)
+
 ## Bug reports
 
 A bug is a _demonstrable problem_ that is caused by the code in the repository.