diff --git a/.github/workflows/secrets-scan.yaml b/.github/workflows/secrets-scan.yaml
index ed9e76f..0a80068 100644
--- a/.github/workflows/secrets-scan.yaml
+++ b/.github/workflows/secrets-scan.yaml
@@ -13,12 +13,12 @@ jobs:
     if: ${{ !contains(github.actor, '[bot]') }} # [bot]を含む場合は除外する
     steps:
     - name: Checkout
-      uses: actions/checkout@v4.1.1
+      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       with:
         ref: ${{ github.head_ref }}
 
     - name: Run Aqua Security Trivy
-      uses: aquasecurity/trivy-action@0.15.0
+      uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # 0.17.0
       with:
         scan-type: fs
         scan-ref: . # default