diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
new file mode 100644
index 0000000..e72fdfa
--- /dev/null
+++ b/.github/workflows/main.yml
@@ -0,0 +1,15 @@
+name: vulnerability scan workflow
+
+on: push
+
+jobs:
+  meterian_scan:
+    name: Meterian client opensource scan
+    runs-on: ubuntu-latest
+    steps: 
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Scan project with the Meterian client
+        uses: MeterianHQ/meterian-github-action@v1.0.17
+        with:
+            cli_args: "--oss" #[ Meterian CLI Options ]
\ No newline at end of file
diff --git a/README.md b/README.md
index 14435ca..ba142a7 100644
--- a/README.md
+++ b/README.md
@@ -3,6 +3,9 @@ The sample project containing the code for my NodeJS talk about distributed syst
 **Please note that this code is no more that a spike I wrote in around 4 days: be gentle with that, and do not run it in production!**  
 I will refactor it, tough, for the next speech :)
 
+
+[![security status](https://qa.meterian.io/badge/pb/1e2b6a8c-02c0-49c8-8dbf-4cd5711ae703/security)](https://qa.meterian.io/projects/?pid=1e2b6a8c-02c0-49c8-8dbf-4cd5711ae703) [![stability status](https://qa.meterian.io/badge/pb/1e2b6a8c-02c0-49c8-8dbf-4cd5711ae703/stability)](https://qa.meterian.io/projects/?pid=1e2b6a8c-02c0-49c8-8dbf-4cd5711ae703) [![licensing status](https://qa.meterian.io/badge/pb/1e2b6a8c-02c0-49c8-8dbf-4cd5711ae703/licensing)](https://qa.meterian.io/projects/?pid=1e2b6a8c-02c0-49c8-8dbf-4cd5711ae703)
+
 # what does it do?
 What you have here is a process capable to implement some aspects of a key-value store (namely read and write) which does it using a distributed architecture. Following the CAP theorem it can use a CA approach (two-phase commit), an AP approach (sloppy quorums) or a CP approach (majority quorums). Based on the environment variable MODE it will select the operating mode.