Worked on enhancing CI/CD security for the RasaHQ/rasa-sdk repository by upgrading security scanning workflows and automating vulnerability monitoring. Leveraged YAML and GitHub Actions to update the Trivy scanning action, ensuring broader and more accurate coverage of dependencies. Introduced scheduled scans to provide continuous monitoring, while customizing scan output for clearer vulnerability reporting and faster triage. Focused on security hardening by refining workflow permissions and dependencies, improving both compliance and reliability. The work emphasized DevOps best practices, integrating continuous integration and security scanning into the development pipeline to streamline vulnerability management and reduce manual intervention for ongoing security assurance.