diff --git a/.github/workflows/Endorlabs.yml b/.github/workflows/Endorlabs.yml
new file mode 100644
index 00000000..0701aa78
--- /dev/null
+++ b/.github/workflows/Endorlabs.yml
@@ -0,0 +1,35 @@
+name: "EndorLabs Scan"
+# Run workflow each time code is pushed to your repository and on a schedule.
+on:
+ pull_request:
+ branches:
+ - main
+jobs:
+ scan-repo:
+ runs-on: ubuntu-latest
+ permissions:
+ id-token: write
+ contents: read
+
+ steps:
+ - name: Checkout Repository
+ uses: actions/checkout@v3
+ - name: Setup Go
+ uses: actions/setup-go@v4
+ with:
+ go-version: '1.21'
+ - name: Go Build
+ run: |
+ go mod tidy
+ go mod vendor
+ - name: Endor Labs SCA Scan
+ uses: endorlabs/github-action@main
+ with:
+ namespace: "skyflow"
+ api: "https://api.endorlabs.com"
+ enable_github_action_token: true
+ scan_dependencies: true
+ pr: true
+ enable_pr_comments: true
+ github_token: ${{ secrets.REPO_PAT_SERVICE_IT }}
+ additional_args: "--pr-incremental"
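Review bot: The `Endor Labs SCA Scan` step references `endorlabs/github-action@main`, a mutable branch, in a job that grants `id-token: write` and passes the `REPO_PAT_SERVICE_IT` personal access token, so any later commit to that branch runs with the OIDC token and the PAT without review on this side. Pin it to a reviewed full commit SHA, `uses: endorlabs/github-action@<full-commit-sha>  # <release tag>`, and consider the same for `actions/checkout@v3` and `actions/setup-go@v4`, whose tags can also be moved. If the action only needs to post PR comments, the job-scoped `${{ secrets.GITHUB_TOKEN }}` with `pull-requests: write` would probably be enough and is narrower than a PAT; that depends on what the action requires, so confirm against its documentation. The header comment also says the workflow runs on push and on a schedule, while `on:` lists only `pull_request` for `main`; either correct it to `# Run on pull requests targeting main.` or add the missing triggers.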