Task types in phabricator give us a way to tie a specific edit form to some subset of tasks based on:
- The form used to create the task can be tied to a task type. In this case, the form can be sticky and any time you edit the task it will use the same form
- Herald rules can change a task type based on any valid herald conditions. We can use this to make any task with the Security project automatically become a security task. Once the herald rule has changed the type and any edits to the task will use the correct form with custom fields specific to security tasks.
This way members of the security team can have team-specific fields without cluttering the global task edit forms. We could also keep the 'report security bug' form simple - only subsequent edits of the form would include extra fields.