diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
index 2c7af462..a14db0a0 100644
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@@ -3,7 +3,7 @@
 
 name: Push
 
-on: ["push", "pull_request"]
+on: ["push"]
 
 jobs:
   frontend:
@@ -60,6 +60,18 @@ jobs:
     env:
       LHCI_GITHUB_APP_TOKEN: ${{ secrets.LIGHTHOUSE_CI }}
 
+  scan:
+    name: gitleaks
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - uses: gitleaks/gitleaks-action@v2
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }}
+
   reuse:
     name: Check Compliance with REUSE Specification
     runs-on: ubuntu-latest