diff --git a/SECURITY_REMEDIATION.md b/SECURITY_REMEDIATION.md new file mode 100644 index 0000000..b8341be --- /dev/null +++ b/SECURITY_REMEDIATION.md @@ -0,0 +1,5 @@ +Security remediation proposal (automated scan found transitive vulnerabilities via lodash/js-yaml). + +Suggested actions for maintainers: +- Review tests and consider updating junit-report-builder and lodash to patched versions (or replace the tool if upstream is not maintained). +- See suggested remediation details attached in PR draft: /home/assistant/.nvm/remediation_prs/PR_dockerfile_lint_replace-or-upgrade.md
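Review bot: The last added line points at /home/assistant/.nvm/remediation_prs/PR_dockerfile_lint_replace-or-upgrade.md, an absolute path on the machine that generated this file, so maintainers cannot open the remediation details it refers to, and it also commits a local home-directory path to the repository. Put the details in this file, or link to a document in the repository or to the PR itself. Separately, the first added line names lodash and js-yaml as the vulnerable transitive dependencies, but the suggested actions cover only junit-report-builder and lodash. Say what should happen with js-yaml, and add the scanner name, the advisory identifiers and the affected version ranges so the finding can be verified before anything is upgraded or replaced.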