chore: add RSR compliance files (SECURITY, CONTRIBUTING, .editorconfig)

Adds missing Rhodium Standard Repository required files:
SECURITY.md with vulnerability reporting policy, CONTRIBUTING.md with
contribution guidelines, and .editorconfig for consistent code style.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: hyperpolymath

.editorconfig

@@ -0,0 +1,19 @@
+# SPDX-License-Identifier: PMPL-1.0-or-later
+root = true
+
+[*]
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+charset = utf-8
+indent_style = space
+indent_size = 2
+
+[*.{rs,ada,adb,ads}]
+indent_size = 4
+
+[Makefile]
+indent_style = tab
+
+[*.md]
+trim_trailing_whitespace = false

CONTRIBUTING.md

@@ -0,0 +1,17 @@
+<!-- SPDX-License-Identifier: PMPL-1.0-or-later -->
+# Contributing
+
+Contributions are welcome! Please:
+
+1. Fork the repository
+2. Create a feature branch from `main`
+3. Ensure all CI checks pass
+4. Submit a pull request
+
+## Standards
+
+This project follows the [Rhodium Standard Repository (RSR)](https://github.com/hyperpolymath/standards) conventions.
+
+## License
+
+By contributing, you agree that your contributions will be licensed under PMPL-1.0-or-later (with MPL-2.0 as automatic legal fallback).

SECURITY.md

@@ -0,0 +1,15 @@
+<!-- SPDX-License-Identifier: PMPL-1.0-or-later -->
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability, please report it responsibly:
+
+- **Email:** j.d.a.jewell@open.ac.uk
+- **Do NOT** open a public issue for security vulnerabilities
+
+We will acknowledge receipt within 48 hours and provide a detailed response within 7 days.
+
+## Supported Versions
+
+Only the latest release on the `main` branch is supported with security updates.