diff --git a/.github/workflows/osv-scan.yml b/.github/workflows/osv-scan.yml
index f6dad36..f6eb4ce 100644
--- a/.github/workflows/osv-scan.yml
+++ b/.github/workflows/osv-scan.yml
@@ -20,4 +20,5 @@ jobs:
       # Require writing security events to upload SARIF file to security tab
       security-events: write
       contents: read
+      actions: read
     uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@ba0b4d196d231340e0ae94ae00933c8be0984192" #v1.7.4