diff --git a/.github/workflows/secrets-scan.yaml b/.github/workflows/secrets-scan.yaml
index ed9e76f..cf1eee3 100644
--- a/.github/workflows/secrets-scan.yaml
+++ b/.github/workflows/secrets-scan.yaml
@@ -13,12 +13,12 @@ jobs:
     if: ${{ !contains(github.actor, '[bot]') }} # [bot]を含む場合は除外する
     steps:
     - name: Checkout
-      uses: actions/checkout@v4.1.1
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
       with:
         ref: ${{ github.head_ref }}
 
     - name: Run Aqua Security Trivy
-      uses: aquasecurity/trivy-action@0.15.0
+      uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # 0.24.0
       with:
         scan-type: fs
         scan-ref: . # default