From e880fa694fbf1f19d433aa294ca21e6c04212f1e Mon Sep 17 00:00:00 2001
From: James Hegedus <jthegedus@hey.com>
Date: Tue, 14 Feb 2023 02:47:15 +1100
Subject: [PATCH] docs: explicitly state no security for this repo

---
 SECURITY.md | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..cb4a77f39
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,30 @@
+# Security Policy
+
+We do not offer any security policy for the contents of this repository.
+
+## No Security Provided
+
+This repository was created as a usability convenience, it is not required to
+use asdf.
+
+This repository is a collection of asdf plugins found online, it is a collaborative
+effort by the community. Repositories linked from here are:
+
+- not covered by any security policy from the asdf team
+- not scanned automatically for dangerous or malicious operation
+
+## What the asdf Team Recommend
+
+The expectation is that users will vet the code of each plugin before use, as is
+expected of other OSS plugin and package ecosystems.
+
+The asdf core team discourage the use of this shortname repository. Read the code
+in the plugins you use. Install the plugins you trust via the direct URL method:
+
+```bash
+asdf plugin add <name> <git_url>
+```
+
+---
+
+For the asdf core Security Policy, see https://github.com/asdf-vm/asdf/blob/master/SECURITY.md