add disclaimer in #crisp documentation that we do not accept security vulnerability reports from LLMs and other automated systems, because I'm getting spammed by LLMs over email and it's humanly impossible to filter what's legit (maybe 0.1% of reports) over what's automated — maybe LLMs will comply when seeing that but I bet they'll just ignore, so if that is not effective then I'll nuke our reponsible vulnerability report bounty program which is sad