diff --git a/README.md b/README.md
new file mode 100644
index 0000000..17f6fd1
--- /dev/null
+++ b/README.md
@@ -0,0 +1,3 @@
+# donotpassgo
+
+action to run general go code scans, includes dependency scan with govulncheck and static code analysis from gosec
\ No newline at end of file
diff --git a/action.yaml b/action.yaml
index d4c18ab..495476c 100644
--- a/action.yaml
+++ b/action.yaml
@@ -6,11 +6,9 @@ runs:
 - name: "install go packages"
 run: |
 go install golang.org/x/vuln/cmd/govulncheck@latest
+ go install github.com/securego/gosec/v2/cmd/gosec@latest

 - name: "dependency scan"
- run: govulncheck ./...
-
- - name: "static code analysis"
- uses: securego/gosec@master
- with:
- args: ./...
\ No newline at end of file
+ run: |
+ govulncheck ./...
+ gosec ./...
\ No newline at end of file
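Review bot: Folding `gosec ./...` into the "dependency scan" step means static analysis is skipped whenever `govulncheck ./...` exits non-zero, which it does when it reports a vulnerability, assuming the step runs under a fail-fast shell such as Actions' `bash -e`. Keeping gosec in its own step, e.g. `- name: "static code analysis"` with `if: always()` and `run: gosec ./...`, lets both scanners report and keeps the step name accurate. Both tools are also installed with `@latest`, so the scanner code that runs in callers' pipelines can change without review; pinning each `go install` to a reviewed release tag (`gosec@<pinned-version>`) makes runs reproducible. No `shell:` key appears on the `run` steps shown, which composite actions require; the start of the file is outside the hunk, so this should be confirmed against the full file.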