diff --git a/.gitea/workflows/api-docs.yml b/.gitea/workflows/api-docs.yml
index f1c9bc7..802eedd 100644
--- a/.gitea/workflows/api-docs.yml
+++ b/.gitea/workflows/api-docs.yml
@@ -184,7 +184,7 @@ jobs:
         docker build -t api-docs:security-scan .
       
     - name: Run Trivy vulnerability scanner
-      uses: aquasecurity/trivy-action@master
+      uses: aquasecurity/trivy-action@0.28.0
       with:
         image-ref: api-docs:security-scan
         format: 'sarif'