Write vulnerability reporting flow

[kamiazya]

Currently, the tidelift vulnerability reporting flow is used, but will be migrated to the vulnerability reporting mechanism provided by GitHub.

After that, specific procedures will also be described in the "Reporting Vulnerabilities" section of the Security Policy document.

Currently, SECURITY.md in the https://github.com/ts-graphviz/ts-graphviz repository contains this description and will be corrected.