diff --git a/README.md b/README.md index abbb264..de9a147 100644 --- a/README.md +++ b/README.md @@ -233,4 +233,4 @@ AtomicRAG/ --- -*Amaresh Hebbar · [HuggingFace](https://huggingface.co/AmareshHebbar) · [W&B](https://wandb.ai/amareshhebbar)* \ No newline at end of file +*Amaresh Hebbar · [HuggingFace](https://huggingface.co/AmareshHebbar) · [W&B](https://wandb.ai/amareshhebbar)*# Team diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..b771673 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,28 @@ +# Security Policy + +## Supported Versions + +| Version | Supported | +|---------|-----------| +| 0.1.x | ✅ | + +## Reporting a Vulnerability + +If you discover a security vulnerability in AtomicRAG, please **do not open a public issue**. + +Instead, email directly: amareshhebbar@gmail.com + +Include: +- Description of the vulnerability +- Steps to reproduce +- Potential impact +- Suggested fix (if any) + +You will receive a response within 48 hours. + +## Scope + +- Model output hallucination leading to incorrect query decomposition +- Prompt injection via malicious input questions +- Unsafe deserialization in JSON output parsing (src/utils.py) +- Dependency vulnerabilities in requirements.txt
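Review bot: In the README.md hunk, the added line ends with `*# Team` fused onto the signature line, so Markdown will render "# Team" as literal text after the italic byline rather than as a heading. It also looks unrelated to adding a security policy. Either drop it from this change, or put `# Team` on its own line after a blank line, with the content that belongs under it.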
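Review bot: In the SECURITY.md hunk, the "## Scope" list has no lead sentence, so a reader cannot tell whether these are report categories that are in scope or weaknesses already known to exist. The entry "Unsafe deserialization in JSON output parsing (src/utils.py)" in particular reads as a public pointer to a specific file. Add a line such as "The following classes of issue are in scope for reports:" above the list. If the src/utils.py item describes a known problem, track and fix it separately instead of naming the file in the policy. "Model output hallucination leading to incorrect query decomposition" is a correctness issue unless it has a security consequence, so state that consequence or move the item out of Scope. Under "Reporting a Vulnerability", the only channel is a single personal mailbox with a 48-hour response promise. Consider documenting a second private channel, and say what a reporter should do if the 48 hours pass without a reply.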