.github/ISSUE_TEMPLATE/security.md

@@ -0,0 +1,66 @@
+---
+name: Security Vulnerability Report
+about: Report a security vulnerability (use only for non-critical issues)
+title: '[SECURITY] '
+labels: 'security'
+assignees: ''
+
+---
+
+<!--
+SPDX-License-Identifier: GPL-3.0-or-later
+Copyright (C) 2024-2026 Moko Consulting Tech
+
+File: .github/ISSUE_TEMPLATE/security.md
+Description: Issue template for security vulnerability reports
+Project: .github-private
+Author: Moko Consulting Tech
+Version: 03.02.00
+
+Revision History:
+- 2026-01-04: Added MokoStandards compliant header with copyright, file info, and metadata
+- 2026-03-11: Version bump to 03.02.00 to match MokoStandards
+- 2024: Initial creation
+-->
+
+## ⚠️ IMPORTANT: Private Disclosure Required
+
+**For critical security vulnerabilities, DO NOT use this template.**
+Follow the process in [SECURITY.md](../SECURITY.md) for responsible disclosure.
+
+Use this template only for:
+- Security improvements
+- Non-critical security suggestions
+- Security documentation updates
+
+---
+
+## Security Issue
+
+**Severity**: 
+<!-- Low, Medium, or informational only -->
+
+## Description
+<!-- Describe the security concern or improvement suggestion -->
+
+## Affected Components
+<!-- List the affected files, features, or components -->
+
+## Suggested Mitigation
+<!-- Describe how this could be addressed -->
+
+## Standards Reference
+Does this relate to security standards in [MokoStandards](https://github.com/mokoconsulting-tech/MokoStandards)?
+- [ ] SPDX license identifiers
+- [ ] Secret management
+- [ ] Dependency security
+- [ ] Access control
+- [ ] Other: [specify]
+
+## Additional Context
+<!-- Add any other context about the security concern -->
+
+## Checklist
+- [ ] This is NOT a critical vulnerability requiring private disclosure
+- [ ] I have reviewed the SECURITY.md policy
+- [ ] I have provided sufficient detail for evaluation