Using security policies

I created a default shared security policy in markdown format for my user following the docs (in a public .github repo) to be shared among my other repositories, which worked like a charm. After digging deeper in the subject, I also decided to add security.tx files to the individual repositories, so users who clone the repositories can have a basic clue on reporting without visiting the github page. Now when I check out the security > policy tab of any individual repository on the site, I see the contents of the local security.txt, and not the shared, which confuses me. Is this the intended behavior? Should I remove all security.txt instances, or upload it only once to my user’s shared repo? I’d like to see the contents of the well formed shared markdown document on the site, but have people clone the individual security.txt files (for eg. offline use). I’d really appreciate a best-practice regarding the topic, thank you in advance!