chore: add community standards (CoC, contributing, security, templates)

Adds the seven files needed to pass the GitHub Community Standards checklist:

- CODE_OF_CONDUCT.md (Contributor Covenant 2.1)
- CONTRIBUTING.md (scope, dev setup, tests, PR rules; points users at
  feder-cr/firefox-stealth for C++/spoofing issues)
- SECURITY.md (private vuln reporting via GH advisories or email,
  out-of-scope items redirected to firefox-stealth / Mozilla)
- .github/ISSUE_TEMPLATE/bug_report.yml
- .github/ISSUE_TEMPLATE/feature_request.yml
- .github/ISSUE_TEMPLATE/config.yml (disables blank issues, links to
  security advisories, firefox-stealth, and discussions)
- .github/PULL_REQUEST_TEMPLATE.md

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,79 @@
+name: Bug report
+description: Report a bug in the invisible_playwright Python wrapper
+title: "[bug] "
+labels: ["bug"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to file a bug report.
+
+        Before continuing, please:
+        - Search [existing issues](https://github.com/feder-cr/invisible_playwright/issues?q=is%3Aissue) to avoid duplicates.
+        - If the bug is in the **patched Firefox itself** (canvas/WebGL/audio/font spoofing, a detector flagging the browser), open it at [feder-cr/firefox-stealth](https://github.com/feder-cr/firefox-stealth/issues) instead.
+        - **Do not** report security vulnerabilities here — follow [SECURITY.md](https://github.com/feder-cr/invisible_playwright/blob/main/SECURITY.md).
+  - type: input
+    id: version
+    attributes:
+      label: invisible_playwright version
+      description: Output of `invisible_playwright version`
+      placeholder: "0.1.0 (binary 150.0.1)"
+    validations:
+      required: true
+  - type: dropdown
+    id: os
+    attributes:
+      label: Operating system
+      options:
+        - Windows x86_64
+        - Linux x86_64
+        - Other (please specify in description)
+    validations:
+      required: true
+  - type: input
+    id: python
+    attributes:
+      label: Python version
+      placeholder: "3.11.7"
+    validations:
+      required: true
+  - type: textarea
+    id: repro
+    attributes:
+      label: Minimal reproduction
+      description: A small, self-contained code snippet that triggers the bug. Strip out anything unrelated.
+      render: python
+    validations:
+      required: true
+  - type: textarea
+    id: expected
+    attributes:
+      label: Expected behavior
+    validations:
+      required: true
+  - type: textarea
+    id: actual
+    attributes:
+      label: Actual behavior
+      description: Include the full error message and traceback if any.
+    validations:
+      required: true
+  - type: textarea
+    id: logs
+    attributes:
+      label: Logs / additional context
+      description: Browser console output, environment variables, proxy config (redact credentials), etc.
+      render: text
+    validations:
+      required: false
+  - type: checkboxes
+    id: confirm
+    attributes:
+      label: Confirmations
+      options:
+        - label: I have searched existing issues and this bug has not been reported.
+          required: true
+        - label: I am on the latest release.
+          required: true
+        - label: I have removed any credentials, proxy passwords, or sensitive data from logs.
+          required: true