diff --git a/.github/workflows/imagetoghcr-on-push.yaml b/.github/workflows/imagetoghcr-on-push.yaml
index 582a20e..8d6239c 100644
--- a/.github/workflows/imagetoghcr-on-push.yaml
+++ b/.github/workflows/imagetoghcr-on-push.yaml
@@ -75,12 +75,10 @@ jobs:
 - name: Run Trivy vulnerability scanner
 uses: aquasecurity/trivy-action@7b7aa264d83dc58691451798b4d117d53d21edfe
 with:
- image-ref: ${{ steps.image_ref_lower.outputs.output }}
- format: 'template'
- template: '@/contrib/sarif.tpl'
- output: 'trivy-results.sarif'
- severity: 'CRITICAL,HIGH'
- exit-code: 1
+ image-ref: "ghcr.io/${{ github.repository }}-default:${{ needs.branch_meta.outputs.sha }}"
+ format: "sarif"
+ output: "trivy-results.sarif"
+ severity: "CRITICAL,HIGH"
 ignore-unfixed: true
 - name: Upload Trivy scan results to GitHub Security tab
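Review bot: Dropping `exit-code: 1` from the Trivy step's `with:` block means the scan falls back to the action's default exit code of 0, so CRITICAL/HIGH findings no longer fail this workflow and are only reported through the SARIF upload. If the removal was meant to let the upload step run after a failed scan, the gate can be kept by restoring `exit-code: "1"` here and adding `if: always()` to the "Upload Trivy scan results to GitHub Security tab" step, whose body lies outside this hunk. Separately, the new `image-ref` is built from `${{ github.repository }}` instead of the `image_ref_lower` step output. Registry references must be lowercase, so if the owner or repository name contains capitals the scan would presumably fail to resolve the image; it is worth confirming this or keeping the lowercased value.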