diff --git a/.github/workflows/codex-quality-security.yml b/.github/workflows/codex-quality-security.yml
index 11d76fe..78b4caf 100644
--- a/.github/workflows/codex-quality-security.yml
+++ b/.github/workflows/codex-quality-security.yml
@@ -77,7 +77,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - name: Trivy FS scan
-        uses: aquasecurity/trivy-action@v0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
         with:
           scan-type: fs
           scanners: vuln,misconfig,secret
@@ -97,4 +97,4 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - name: OpenSSF Scorecard
-        uses: ossf/scorecard-action@v2.3.1
+        uses: ossf/scorecard-action@v2.4.3