diff --git a/.github/workflows/mainnet-contracts.yml b/.github/workflows/mainnet-contracts.yml
index 2050c6c..25e8ada 100644
--- a/.github/workflows/mainnet-contracts.yml
+++ b/.github/workflows/mainnet-contracts.yml
@@ -22,11 +22,22 @@ jobs:
 
         - name: Codespell
           uses: codespell-project/actions-codespell@v2.0
-          with: no hello
+          with:
             path: mainnet-contracts
             check_hidden: true
             check_filenames: true
 
+        - name: Semgrep
+        - uses: actions/checkout@v4
+          uses: actions/setup-python@v5
+          run: |
+            python -m pip install semgrep
+            export PATH="$HOME/.local/bin:$PATH"
+
+            echo "$ semgrep --version"
+            semgrep --version
+            semgrep --config ./semgrep-rules/
+
   tests:
     runs-on: ubuntu-latest
     steps: