diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..fc2810ec
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,26 @@
+# Security Policy
+
+## Reporting Vulnerabilities
+
+**Email**: security@moonshot.cn
+
+When reporting a vulnerability, please include:
+- Description of the vulnerability
+- Steps to reproduce
+- Potential impact
+- Suggested remediation (if any)
+
+**Response Time**: We aim to acknowledge reports within 48-72 hours.
+
+## Security Posture
+
+**Current Status**: Security practices are under active discussion in the community.
+
+- **Independent security audits**: See [Issue #252](https://github.com/MoonshotAI/kimi-cli/issues/252)
+- **GPG signing of releases**: See [Issue #253](https://github.com/MoonshotAI/kimi-cli/issues/253)
+
+## Supported Versions
+
+| Version | Supported |
+|---------|-----------|
+| 0.55    | :white_check_mark: |