diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 36662694..fcee0799 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -246,7 +246,7 @@ jobs:
       - name: Prepare artifacts output directory
         run: |
           mkdir -p $(dirname $ARTIFACTS_PATH)
-          rm "$ARTIFACTS_PATH"
+          rm -f "$ARTIFACTS_PATH"
       - name: Build CLI
         id: build
         run: task build-cli
diff --git a/.github/workflows/code-scanning.yml b/.github/workflows/code-scanning.yml
index 91794f72..6fd7aed5 100644
--- a/.github/workflows/code-scanning.yml
+++ b/.github/workflows/code-scanning.yml
@@ -14,6 +14,7 @@ jobs:
   dependency-review:
     name: Dependency Review
     runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
     steps:
       - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1
         with: