diff --git a/.gitignore b/.gitignore index 9047b8344455..70bbb115fe7d 100644 --- a/.gitignore +++ b/.gitignore @@ -94,6 +94,8 @@ tmp/ IDENTITY.md USER.md *.tgz +*.tar.gz +*.zip .idea # local tooling @@ -153,6 +155,9 @@ apps/ios/LocalSigning.xcconfig apps/ios/build/ apps/shared/OpenClawKit/build/ Swabble/build/ +*.xcresult +*.trace +*.profraw # Generated protocol schema (produced via pnpm protocol:gen) dist/protocol.schema.json diff --git a/SECURITY.md b/SECURITY.md index 4958c88f9363..5cc0c44f8051 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -26,6 +26,7 @@ For OpenClaw core issues, submit through a private [GitHub Security Advisory](ht Maintainers may close, hide, delete, or otherwise take down public issues and PRs that disclose vulnerabilities or active security issues. We will redirect those reports through the private disclosure process so the issue can be triaged and fixed without giving attackers a public playbook. For full reporting instructions see our [Trust page](https://trust.openclaw.ai). +For maintainer response workflow, see the [incident response plan](docs/security/incident-response.md). OpenClaw does not currently run a paid bug bounty program. Please still disclose responsibly so we can fix real issues quickly. The best way to help the project right now is to send high-signal reports and, when practical, focused PRs. diff --git a/INCIDENT_RESPONSE.md b/docs/security/incident-response.md similarity index 87% rename from INCIDENT_RESPONSE.md rename to docs/security/incident-response.md index 90516b82374f..fedde0c2f158 100644 --- a/INCIDENT_RESPONSE.md +++ b/docs/security/incident-response.md 
@@ -1,4 +1,13 @@ -# OpenClaw Incident Response Plan +--- +summary: "How OpenClaw triages, responds to, and follows up on security incidents" +title: "Incident response" +read_when: + - Responding to a security report or suspected security incident + - Preparing a coordinated disclosure or patched security release + - Reviewing post-incident follow-up expectations +--- + +# Incident Response ## 1. Detection and triage
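Review bot: In the first .gitignore hunk (@@ -94,6 +94,8 @@), the new `*.tar.gz` and `*.zip` patterns are unanchored, so they match at every depth of the tree rather than only where locally built archives land. Any archive that is supposed to be tracked, such as a test fixture or sample bundle, would from now on be skipped silently by `git add`. If the goal is to keep packaged artifacts out of commits, consider anchoring them (`/*.tar.gz`, `/*.zip`) or adding `!` exceptions for directories that hold tracked archives, plus a short comment naming what produces these files.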
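Review bot: In the second .gitignore hunk (@@ -153,6 +155,9 @@), `*.trace` is a generic extension and, being unanchored, applies repo-wide even though it is grouped with the iOS build paths after `Swabble/build/`. The same holds for `*.xcresult` and `*.profraw`, but `*.trace` is the one most likely to collide with unrelated files elsewhere in the repository. Consider scoping the three patterns to the app directories, or at least adding a comment line that says they are Xcode result bundles, Instruments traces and LLVM coverage data, so the next reader knows why they are ignored globally.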
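Review bot: In the SECURITY.md hunk (@@ -26,6 +26,7 @@), the added line "For maintainer response workflow, see the [incident response plan](docs/security/incident-response.md)." sits directly after the reporter-facing sentence about the Trust page, so the audience switches from reporters to maintainers without a break. A blank line before it, or wording such as "Maintainers: see the ..." would make clear that reporters do not need to follow this link to file a report. The link is also repository-relative while the neighbouring Trust link is absolute, so it is worth confirming it resolves wherever SECURITY.md is rendered outside the repository root view.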
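Review bot: In the rename of INCIDENT_RESPONSE.md to docs/security/incident-response.md (hunk @@ -1,4 +1,13 @@), the old root-level path disappears and the only reference visible in this patch is the new link added in SECURITY.md. Any existing link to `INCIDENT_RESPONSE.md` in other docs, issue templates or external pages will break, so search the repository for the old filename and update those references, or leave a short stub at the old path pointing to the new location. Separately, the front matter sets `title: "Incident response"` while the heading is `# Incident Response`; pick one capitalization, and check whether the docs renderer prints both the front-matter title and the H1, which would duplicate the heading.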