diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 5e3f9e37..e7bab178 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -14,7 +14,7 @@ jobs:
   rl-scanner:
     uses: ./.github/workflows/rl-scanner.yml
     with:
-      python-version: 3.10
+      python-version: "3.10"
       artifact-name: "auth0-python.tgz"
     secrets:
       RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }}
diff --git a/.github/workflows/rl-scanner.yml b/.github/workflows/rl-scanner.yml
index 15c818f4..ac3c1aa3 100644
--- a/.github/workflows/rl-scanner.yml
+++ b/.github/workflows/rl-scanner.yml
@@ -24,13 +24,12 @@ on:
         required: true
 
 jobs:
-  checkout-build-scan-only:
+  rl-scanner:
+    if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.merged && startsWith(github.event.pull_request.head.ref, 'release/'))
     runs-on: ubuntu-latest
-
-    permissions:
-      pull-requests: write
-      id-token: write
-
+    outputs:
+      scan-status: ${{ steps.rl-scan-conclusion.outcome }}
+      
     steps:
       - uses: actions/checkout@v4
         with: