Plugins in this Workspace Should Have a Mandatory SECURITY.md

[tillmann-crabnebula]

During looking into the new plugin based structure for v2 I noticed that there is no threat model, security boundary assumptions and way to contact the original author or maintainer in a reasonable secure way.

I would propose to create a template for this file, apply it to existing plugins and once it has matured require it for all officially maintained plugins (aka all plugins in this workspace).

[denjell-crabnebula]

This is a fantastic idea. Can you make a template and start adding them in a PR?