docs(security): add repo-specific security scope and practices (#7)
Replaces generic boilerplate with lexicon-specific security guidance
covering schema validation bypass, type generation flaws, npm supply
chain attacks, and AT Protocol namespace compliance.
authored by