diff --git a/action.yaml b/action.yaml
index 495476c..d4c18ab 100644
--- a/action.yaml
+++ b/action.yaml
@@ -6,9 +6,11 @@ runs:
     - name: "install go packages"
       run: |
         go install golang.org/x/vuln/cmd/govulncheck@latest
-        go install github.com/securego/gosec/v2/cmd/gosec@latest
       
     - name: "dependency scan"
-      run: |
-        govulncheck ./...
-        gosec ./...
\ No newline at end of file
+      run: govulncheck ./...
+
+    - name: "static code analysis"
+      uses: securego/gosec@master
+      with:
+        args: ./...
\ No newline at end of file