diff --git a/.github/workflows/build_package.yml b/.github/workflows/build_package.yml
index 811c12893..e85b60842 100644
--- a/.github/workflows/build_package.yml
+++ b/.github/workflows/build_package.yml
@@ -75,6 +75,9 @@ jobs:
           format: 'template'
           template: '@/contrib/sarif.tpl'
           output: 'trivy-results.sarif'
+          security-checks: 'vuln'
+          severity: 'CRITICAL,HIGH'
+          timeout: '10m'
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v1
         with: