diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..2cbc972
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,53 @@
+# Security Policy
+
+Thanks for taking the time to disclose responsibly. This file is the org-wide default for any repo under [`Molecule-AI`](https://git.moleculesai.app/molecule-ai) that doesn't ship its own `SECURITY.md`.
+
+## Reporting a vulnerability
+
+**Email**: `security@moleculesai.app`
+
+> Reviewer note: this address is a placeholder. Confirm the live mailbox / forwarding rule is in place before merging this file.
+
+Please include, where possible:
+
+- the affected repo + commit SHA (or the deployed surface)
+- a minimal reproduction
+- the impact you're worried about (data exposure, RCE, auth bypass, …)
+- whether you've shared the report with anyone else
+
+Do **not** file public issues for security reports — the issue tracker is publicly readable. If email isn't an option, ask via a non-public channel and we'll set one up.
+
+## What to expect
+
+- **Acknowledgement within 48 hours** of your initial email (business days; weekends and US holidays may add 1–2 days).
+- A first triage with severity assessment within **5 business days**.
+- A coordinated-disclosure window of **up to 90 days** from initial report — we aim to ship a fix sooner, and will keep you in the loop on the timeline.
+- A credit in the fix's release notes if you'd like one (and a no-credit option if you don't).
+
+## Scope
+
+**In scope:**
+
+- The platform repos: [`molecule-core`](https://git.moleculesai.app/molecule-ai/molecule-core), [`molecule-controlplane`](https://git.moleculesai.app/molecule-ai/molecule-controlplane).
+- The hosted product at [`moleculesai.app`](https://moleculesai.app), including any `*.moleculesai.app` tenant subdomain.
+- The official adapter packages: [`molecule-mcp-claude-channel`](https://git.moleculesai.app/molecule-ai/molecule-mcp-claude-channel), [`molecule-ai-workspace-runtime`](https://git.moleculesai.app/molecule-ai/molecule-ai-workspace-runtime), and the `molecule-ai-workspace-template-*` repos.
+
+**Out of scope:**
+
+- Vulnerabilities in third-party dependencies that have already been disclosed upstream — file with the upstream project; we'll consume the fix.
+- Self-XSS, CSRF on unauthenticated read-only endpoints, missing security headers without a demonstrated impact, automated-scanner output without a working PoC.
+- Issues that require physical access to a user's device, social engineering of our team, or a fully-compromised browser/OS.
+- Denial of service via volume / rate (we have load-shedding; report something exploitable, not "I sent a million requests").
+
+## What we do NOT offer
+
+- **No bug bounty program.** Reports are still very welcome — we'll credit and (when warranted) send swag, but there's no monetary reward.
+- **No safe-harbour legal language beyond what this file states.** Good-faith research conducted in line with this policy will not be the basis of action by us; we cannot speak for third-party infrastructure.
+
+## Non-security issues
+
+For bugs, feature requests, and general questions, file at [`git.moleculesai.app/molecule-ai/internal/issues`](https://git.moleculesai.app/molecule-ai/internal/issues) (or on the specific repo if it's repo-scoped). The GitHub mirror at [`github.com/Molecule-AI`](https://github.com/Molecule-AI) is read-only for the open-source surface as of 2026-05-06.
+
+---
+
+Last updated: 2026-05-06.