diff --git a/.gitea/workflows/security.yml b/.gitea/workflows/security.yml
index a39eb7d..b5bc949 100644
--- a/.gitea/workflows/security.yml
+++ b/.gitea/workflows/security.yml
@@ -2,9 +2,9 @@ name: Security Scan
 
 on:
   push:
-    branches: [ main, master, develop ]
+    branches: [ main ]
   pull_request:
-    branches: [ main, master, develop ]
+    branches: [ main ]
   schedule:
     # Run weekly on Mondays at 00:00 UTC
     - cron: '0 0 * * 1'
@@ -19,15 +19,20 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
 
-      - name: Manual Trivy Setup
-        uses: aquasecurity/setup-trivy@v0.2.0
-        with:
-          cache: true
-          version: v0.68.1
+      # Manually install Trivy (workaround for Gitea Actions not supporting node24)
+      - name: Install Trivy
+        run: |
+          sudo apt-get update
+          sudo apt-get install wget apt-transport-https gnupg lsb-release -y
+          wget -qO /tmp/trivy-key.asc https://aquasecurity.github.io/trivy-repo/deb/public.key
+          sudo apt-key add /tmp/trivy-key.asc
+          echo "deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
+          sudo apt-get update
+          sudo apt-get install trivy -y
 
       # Combined scan for vulnerabilities, secrets, and IaC misconfigurations
       - name: Run Trivy comprehensive security scan
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@master
         with:
           scan-type: 'fs'
           scan-ref: '.'
@@ -41,6 +46,7 @@ jobs:
           ignore-unfixed: false
           # Skip database update to speed up scans (uses cached DB)
           skip-db-update: false
+          # Skip setup since we installed Trivy manually
           skip-setup-trivy: true
 
           # Display results for visibility
@@ -75,4 +81,3 @@ jobs:
           echo "=== Semgrep Static Analysis Results ==="
           cat semgrep-results.txt
         fi
-
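Review bot: Narrowing both the `push` and `pull_request` triggers to `main` means commits and pull requests on `master` or `develop` are no longer scanned at all, so if either branch is still in use, vulnerable dependencies or committed secrets there go unnoticed until they reach `main`. If those branches have been retired this is fine, but recording that above `push:` with `# Only main is scanned; master/develop were retired` would keep the next reader from re-adding them, and if broad coverage is wanted instead, triggering on every push with `branches-ignore` is the safer default for a security workflow.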
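Review bot: Replacing `aquasecurity/trivy-action@0.33.1` with `@master` makes the security job execute whatever the action's default branch holds at run time, so an upstream breaking change or a compromise of that repository lands unreviewed in the pipeline, and `master` is presumably also the ref most likely to move to the node24 runtime this commit is working around; pin it back with `uses: aquasecurity/trivy-action@0.33.1  # or the full commit SHA of that tag`. The manual install step has two further weaknesses: `apt-key add` drops the Trivy key into the global trusted keyring where it can sign any apt source on the runner (and `apt-key` is deprecated and missing on newer Ubuntu), and `tee -a` appends a duplicate repo line on every run of a persistent runner. Installing the dearmored key under `/etc/apt/keyrings` and scoping it with `signed-by=` fixes both, `set -euo pipefail` keeps a failed download from silently producing an empty keyring, and pinning the package (`trivy=0.68.1`, if the repo carries that version string) would restore the determinism lost with `setup-trivy`'s `version: v0.68.1`.
```yaml
      - name: Install Trivy
        run: |
          set -euo pipefail
          sudo apt-get update
          sudo apt-get install -y wget apt-transport-https gnupg lsb-release
          sudo install -d -m 0755 /etc/apt/keyrings
          wget -qO- https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /etc/apt/keyrings/trivy.gpg >/dev/null
          echo "deb [signed-by=/etc/apt/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/trivy.list >/dev/null
          sudo apt-get update
          sudo apt-get install -y trivy
      # … unchanged: "Run Trivy comprehensive security scan" step (with its uses: pinned back to 0.33.1 as noted) …
```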