diff --git a/.github/workflows/chain-docs.yml b/.github/workflows/chain-docs.yml
index 182578ea..5cd24ead 100644
--- a/.github/workflows/chain-docs.yml
+++ b/.github/workflows/chain-docs.yml
@@ -34,3 +34,19 @@ jobs:
 . ci/scripts/prepare
 ci/scripts/build
 ci/scripts/deploy
+ - name: Perform ShiftLeft Scan
+ uses: ShiftLeftSecurity/scan-action@master
+ env:
+ WORKSPACE: ""
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ SCAN_AUTO_BUILD: true
+ with:
+ output: reports
+ # Scan auto-detects the languages in your project. To override uncomment the below variable and set the type
+ # type: credscan,java
+ # type: python
+
+ - name: Upload report
+ uses: github/codeql-action/upload-sarif@v1
+ with:
+ sarif_file: reports
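Review bot: `uses: ShiftLeftSecurity/scan-action@master` tracks a mutable branch of a third-party action while the step passes it `GITHUB_TOKEN`, so whatever lands on that branch runs in this workflow with the token's permissions; pin it to a reviewed full commit SHA, e.g. `uses: ShiftLeftSecurity/scan-action@<full-commit-sha>  # <release tag>`. `github/codeql-action/upload-sarif@v1` is a movable tag as well and can be pinned the same way. Both steps are appended directly after `ci/scripts/deploy` in a job whose definition starts outside this hunk, so the scanner presumably shares the runner and workspace with the deploy step; moving the scan and upload into their own job with an explicit `permissions:` block (`contents: read`, plus `security-events: write` for the SARIF upload) would limit what the action can reach. If the scan step can exit non-zero on findings, the upload step also needs `if: always()`, otherwise the report is dropped exactly when it matters.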