fix(ci): fix workflow failures

- Create missing SECURITY.md file required by CI consistency check
- Fix YAML syntax error in pages.yml caused by heredoc being parsed as YAML
  - Replace heredoc with echo statements to avoid YAML parser confusion

Fixes GitHub Actions workflow failures

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>

Author: shijiashuai

.github/workflows/pages.yml

@@ -252,17 +252,17 @@ jobs:
           fi
           
           # Create _redirects for Netlify compatibility
-          cat > "$SITE_DIR/_redirects" << 'EOF'
-# Redirect rules
-/en/api/cpp    /cpp-api/index.html    200
-/en/api/python /python-api/index.html 200
-/zh-CN/api/cpp    /cpp-api/index.html    200
-/zh-CN/api/python /python-api/index.html 200
-EOF
-          
+          {
+            echo "# Redirect rules"
+            echo "/en/api/cpp    /cpp-api/index.html    200"
+            echo "/en/api/python /python-api/index.html 200"
+            echo "/zh-CN/api/cpp    /cpp-api/index.html    200"
+            echo "/zh-CN/api/python /python-api/index.html 200"
+          } > "$SITE_DIR/_redirects"
+
           # Create 404 page
           cp "$SITE_DIR/404.html" "$SITE_DIR/404.html" 2>/dev/null || echo '<!DOCTYPE html><html><head><title>404</title></head><body><h1>404 - Page Not Found</h1><a href="/hpc-ai-optimization-lab/">Go Home</a></body></html>' > "$SITE_DIR/404.html"
-          
+
           echo ""
           echo "=== Final Site Contents ==="
           ls -la "$SITE_DIR/"

SECURITY.md

@@ -0,0 +1,47 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 0.1.x   | :white_check_mark: |
+
+## Reporting a Vulnerability
+
+We take the security of HPC-AI-Optimization-Lab seriously. If you believe you have found a security vulnerability, please report it to us as soon as possible.
+
+### Reporting Process
+
+1. **Do NOT** open a public GitHub issue for security vulnerabilities
+2. Email your findings to the project maintainers
+3. Include:
+   - Description of the vulnerability
+   - Steps to reproduce the issue
+   - Potential impact assessment
+   - Suggested fix (if any)
+
+### Response Timeline
+
+- **Initial Response**: Within 48 hours
+- **Status Update**: Within 7 days
+- **Fix Timeline**: Based on severity
+  - Critical: Within 7 days
+  - High: Within 30 days
+  - Medium/Low: Within 90 days
+
+### Security Best Practices
+
+When using this project:
+
+1. Always review code changes before merging
+2. Keep dependencies up to date
+3. Follow the principle of least privilege when configuring access
+4. Regularly audit CI/CD workflows and permissions
+
+## Security Updates
+
+Security updates will be released as patch versions and announced in the [CHANGELOG.md](CHANGELOG.md).
+
+## Acknowledgments
+
+We appreciate responsible disclosure of security issues and will acknowledge reporters (with permission) in our release notes.