diff --git a/.github/workflows/scan-vulns.yaml b/.github/workflows/scan-vulns.yaml index 81faee828..bcfc1a563 100644 --- a/.github/workflows/scan-vulns.yaml +++ b/.github/workflows/scan-vulns.yaml @@ -57,7 +57,7 @@ jobs: - name: Run trivy on git repository run: | - trivy fs --skip-db-update --cache-dir $GITHUB_WORKSPACE/.cache/trivy/ --format table --ignore-unfixed --scanners vuln . + trivy fs --skip-db-update --cache-dir ${{ github.workspace }}/.cache/trivy/ --format table --ignore-unfixed --scanners vuln . - name: Build docker images run: | @@ -66,10 +66,10 @@ jobs: - name: Run trivy on images for all severity run: | for img in "localbuild:test" "localbuildcrd:test"; do - trivy image --skip-db-update --cache-dir $GITHUB_WORKSPACE/.cache/trivy/ --ignore-unfixed --vuln-type="os,library" "${img}" + trivy image --skip-db-update --cache-dir ${{ github.workspace }}/.cache/trivy/ --ignore-unfixed --vuln-type="os,library" "${img}" done - name: Run trivy on images and exit on HIGH/CRITICAL severity run: | for img in "localbuild:test" "localbuildcrd:test"; do - trivy image --skip-db-update --cache-dir $GITHUB_WORKSPACE/.cache/trivy/ --ignore-unfixed --exit-code 1 --severity HIGH,CRITICAL --vuln-type="os,library" "${img}" - done \ No newline at end of file + trivy image --skip-db-update --cache-dir ${{ github.workspace }}/.cache/trivy/ --ignore-unfixed --exit-code 1 --severity HIGH,CRITICAL --vuln-type="os,library" "${img}" + done
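Review bot: The new `--cache-dir ${{ github.workspace }}/.cache/trivy/` argument on the `trivy fs` line is unquoted and is pasted into the script text by the runner before the shell starts, so a workspace path containing spaces or shell metacharacters would be split or interpreted instead of passed as one argument. `github.workspace` is set by the runner, not by a contributor, so this is a hygiene point and not an injection finding, but quoting keeps the line safe if the pattern is later copied with a less trusted context: `--cache-dir "${{ github.workspace }}/.cache/trivy/"`. The two `trivy image` lines in the next hunk have the same form. If this job ever runs with `container:`, the context value and `$GITHUB_WORKSPACE` can resolve to different paths, and with `--skip-db-update` a wrong cache path leaves the scan without a usable database; worth confirming against the job definition, which is outside the hunk.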
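Review bot: The gating step (`--exit-code 1 --severity HIGH,CRITICAL`) runs with `--skip-db-update`, so its verdict is only as current as the database under `.cache/trivy/`, and nothing in this hunk shows how old that database may be. The step that populates the cache is outside the hunk, so I would add a comment above the loop such as `# DB is downloaded by the <step name> step; results depend on that cache being fresh`, and consider failing the workflow when the cache is missing or stale. Separately, `--ignore-unfixed` means HIGH/CRITICAL findings without an upstream fix never fail this job; if that is intentional, a one-line comment saying so would help whoever triages later scan output.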