diff --git a/README.md b/README.md
index 2f698d8..9b9fc28 100644
--- a/README.md
+++ b/README.md
@@ -394,7 +394,7 @@ Following inputs can be used as `step.with` keys:
 | `timeout`        | String  | `5m0s`                             | Scan timeout duration                         |
 | `ignore-policy`  | String  |                                    | Filter vulnerabilities with OPA rego language |
 | `list-all-pkgs`  | String  |                                    | Output all packages regardless of vulnerability |
-| `security-checks`| String  | `vuln`                             | comma-separated list of what security issues to detect (`vuln`,`config`)|
+| `security-checks`| String  | `vuln,secret`                      | comma-separated list of what security issues to detect (`vuln`,`secret`,`config`)|
 
 [release]: https://github.com/aquasecurity/trivy-action/releases/latest
 [release-img]: https://img.shields.io/github/release/aquasecurity/trivy-action.svg?logo=github
diff --git a/entrypoint.sh b/entrypoint.sh
index 5b95d3c..a02efa8 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -98,10 +98,7 @@ if [ $vulnType ] && [ "$scanType" != "config" ];then
   ARGS="$ARGS --vuln-type $vulnType"
   SARIF_ARGS="$SARIF_ARGS --vuln-type $vulnType"
 fi
-if [ $securityChecks ] && [ "$scanType" == "fs" ];then
-  ARGS="$ARGS --security-checks $securityChecks"
-fi
-if [ $securityChecks ] && [ "$scanType" == "repo" ];then
+if [ $securityChecks ];then
   ARGS="$ARGS --security-checks $securityChecks"
 fi
 if [ $severity ];then