Docs: link Security Policy from directory troubleshooting reply

[aaronlab]

Goal

Add the Security Policy reminder to the directory/newsletter troubleshooting reply so contributors do not paste credentials, private trace data, or security-sensitive details into public comments.

Scope

Update:

• docs/launch/directory-submission-sheet.md
• tests/test_metadata.py

Expected change

In the ## Troubleshooting Reply section of docs/launch/directory-submission-sheet.md, add a short reminder that security-sensitive reports or private trace data should go through:

https://github.com/aaronlab/browsertrace/blob/main/SECURITY.md

Keep the existing JSON diagnostics commands.

Verification

Run:

uv run --python 3.11 --extra dev pytest -q tests/test_metadata.py -k directory_submission_sheet
uv run --python 3.11 --extra dev pytest -q

Use the First PR Recipe to keep the change small and reviewable:

https://github.com/aaronlab/browsertrace/blob/main/CONTRIBUTING.md#first-pr-recipe

[aaronlab]

Rotated this issue into the current contribution path.

Evidence:

• BrowserTrace rotation commit: 3061981 (docs: rotate good first issue to 225).
• Profile rotation commit: f460be6 (docs: rotate browsertrace good first issue).
• Local targeted contribution-path check: uv run --python 3.11 --extra dev pytest -q tests/test_metadata.py -k "current_trial_and_contribution_paths or current_contribution_path or first_pr_recipe or good_first_issue or contribution_reply or owner_next_actions_link_first_pr_recipe or outreach_targets_link_first_pr_recipe or search_indexing_submission_links_first_pr_recipe or awesome_list_submission_notes_link_first_pr_recipe" -> 39 passed, 177 deselected.
• Local metadata suite: uv run --python 3.11 --extra dev pytest -q tests/test_metadata.py -> 216 passed.
• Local full suite: uv run --python 3.11 --extra dev pytest -q -> 298 passed.
• git diff --check -> clean for BrowserTrace and profile repos.
• Remote CI: 25628237583 success.
• Remote Pages: 25628237570 success.

Leaving this open as the current good-first contribution path.

[aaronlab]

Pinned this as the current good-first contribution path.

Pinned issues now are:

• Launch feedback: what browser-agent failures should BrowserTrace capture? #3 launch feedback
• Integration feedback: Browser Use adapter capture fields #11 Browser Use adapter feedback
• Docs: link Security Policy from directory troubleshooting reply #225 current good-first docs contribution

I unpinned closed #223 so new contributors do not land on a completed task.

[aqilaziz]

I can take this one. I'll update the directory troubleshooting reply and add the metadata coverage requested.

[aaronlab]

Thanks @aqilaziz, go ahead.

I will leave #225 open for you and will not rotate or implement it myself before 2026-05-11 13:00 UTC. A small focused PR that updates the directory troubleshooting reply plus the matching metadata coverage is exactly the right scope.

[aaronlab]

Maintenance update for visitors landing here from good-first-issue directories: #225 is closed and the earlier claim window has already passed.

Use the current good-first issue queue instead of this fixed issue number:
good first issue Good for newcomers

If you want to pick one up, please comment on the open issue first so maintainers can treat it as claimed and avoid duplicate work.