Include a security policy for PDF.js

This makes sure that security researchers can find the required
information for reporting security vulnerabilities in a standardized
manner across GitHub repositories. Please refer to
https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository
for more information.