diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 46cae7a..7c098c9 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -88,24 +88,23 @@ jobs:
 uses: github/codeql-action/upload-sarif@v3
 with:
 sarif_file: 'trivy-results.sarif'
- category: trivy
+ category: 'trivy'
- clair:
- name: Scan current image with Clair
+ grype:
+ name: Scan current image with Grype
 needs: build
 permissions:
 security-events: write
 runs-on: "ubuntu-latest"
 steps:
- - name: Run Clair vulnerability scanner
- uses: quay/clair-action@main
+ - name: Run Grype vulnerability scanner
+ uses: anchore/scan-action@v3
+ id: grype
 with:
- image-ref: 'ghcr.io/tommytran732/matrix.to'
- format: sarif
- output: clair_results.sarif
+ image: "ghcr.io/tommytran732/matrix.to"
- - name: Upload Trivy scan results to GitHub Security tab
+ - name: Upload Grype scan results to GitHub Security tab
 uses: github/codeql-action/upload-sarif@v3
 with:
- sarif_file: 'clair_results.sarif'
- category: clair
\ No newline at end of file
+ sarif_file: ${{ steps.scan.outputs.sarif }}
+ category: grype
\ No newline at end of file
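Review bot: The upload step reads `${{ steps.scan.outputs.sarif }}`, but the Grype step in the same job is declared with `id: grype` and no step with id `scan` appears in this job, so the expression would expand to an empty string and the upload would have no SARIF file to send. It should be `sarif_file: ${{ steps.grype.outputs.sarif }}`. As far as I know, anchore/scan-action defaults to `fail-build: true`, so a finding at or above the severity cutoff would fail the scan step and skip the upload. Either set `fail-build: false` under the scan step's `with:` or add `if: always()` to the upload step, so that the images with findings are exactly the ones whose results reach the Security tab. Pinning the third-party `anchore/scan-action` to a full commit SHA rather than the movable `v3` tag would also limit what a retagged release can run in a job holding `security-events: write`.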