diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 971e7e5..a42b43e 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -31,3 +31,8 @@ jobs:
       - name: Lint
         run: task lint
         shell: nix develop --command bash -e {0}
+      - name: Vulns
+        run: snyk auth $SNYK_TOKEN && task vulns
+        shell: nix develop --command bash -e {0}
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
diff --git a/Taskfile.yml b/Taskfile.yml
index ab83fd8..e9c8554 100644
--- a/Taskfile.yml
+++ b/Taskfile.yml
@@ -50,16 +50,12 @@ tasks:
       - find . -name "*.db" -type f -delete
       - find . -name "*.db-shm" -type f -delete
       - find . -name "*.db-wal" -type f -delete
+  vulns:
+    cmds:
+      - snyk test
   release:
     cmds:
       - goreleaser release
   release-snapshot:
     cmds:
       - goreleaser release --snapshot --clean
-  install-native-manifest:
-    cmds:
-      - mkdir -p ~/.mozilla/native-messaging-hosts/
-      - cp armaria.json ~/.mozilla/native-messaging-hosts/
-  copy-snap:
-    cmds:
-      - scp dist/armaria_0.0.6-next_linux_amd64.snap jhope@192.168.122.176:/home/jhope
diff --git a/flake.nix b/flake.nix
index 79805a3..d8f4f30 100644
--- a/flake.nix
+++ b/flake.nix
@@ -25,6 +25,7 @@
             zig.packages.${system}.master
             goreleaser
             syft
+            snyk
           ];
           shellHook = ''
             export PATH=$PWD/tools:$PATH