diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index b107874..69110be 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -35,13 +35,24 @@ jobs:
 uses: RobertFischer/detect-secrets-action@v2.0.0
 with:
 DS_ADDL_ARGS: '--only-verified'
- - name: Security and Licence Scan
+ - name: Commit back .secrets.baseline (if it was missing)
+ uses: stefanzweifel/git-auto-commit-action@v4
+ if: ${{ always() }}
+ with:
+ commit_message: "build(detect-secrets): Commit the newly-generated .secrets.baseline file"
+ - name: detect-secrets with reviewdog
+ if: ${{ always() }}
+ uses: reviewdog/action-detect-secrets@master
+ with:
+ github_token: ${{ secrets.github_token }}
+ reporter: github-pr-review # Change reporter.
+ - name: Security and Licence Scan
 # You may pin to the exact commit or the version.
 # uses: ShiftLeftSecurity/scan-action@54980bbdae434b8e7903cfcffa98a2601c207962
 uses: ShiftLeftSecurity/scan-action@v1.3.0
- if: ${{ always() }}
+ if: ${{ always() }}
+ # Source directory to scan. Defaults to /github/workspace
 with:
- # Source directory to scan. Defaults to /github/workspace
 src: /github/workspace
 # Output directory for the generated reports. Defaults to /github/workspace/reports
 output: /github/workspace/reports
diff --git a/aws.conf b/aws.conf
index f26c3c8..db3643b 100644
--- a/aws.conf
+++ b/aws.conf
@@ -1,2 +1,2 @@
 aws_access_key_id: 'ABCdddANCk9pap'
-aws_secret_access_key: "PP109JjkLMnBc+oOpKJ27VDbMEDkELAlk99A7EFF"
+aws_secret_access_key: "PP109JjkLMnBc+oOpKJ27VDbMEDkELAlk99A7EFF"
\ No newline at end of file
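Review bot: The new `reviewdog/action-detect-secrets@master` step follows a mutable branch while being passed `secrets.github_token`, so any change pushed to that branch upstream runs in this workflow with the token; pin it to a full commit SHA, `uses: reviewdog/action-detect-secrets@<full-commit-sha>` (placeholder, the SHA is not on this page). `stefanzweifel/git-auto-commit-action@v4` is a movable tag as well and it pushes commits, so it merits the same pinning. That commit-back step runs under `if: ${{ always() }}` with no `file_pattern`, so it commits every modified file in the workspace, including after a failed scan; `file_pattern: .secrets.baseline` under its `with:` restricts it to the file the commit message names. A baseline generated and committed without review may also record existing findings as known, which would hide them from later runs; that is worth confirming against how the detect-secrets action treats the baseline.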
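Review bot: `aws.conf` keeps an `aws_access_key_id` / `aws_secret_access_key` pair in plain text on the new side, and this hunk only drops the trailing newline rather than removing the pair. If it was ever valid it should be revoked at the provider and the file replaced by a reference to a secret store or environment variable, since the value stays in history either way. If it is a deliberate fixture for the detect-secrets steps, note that the workflow passes `--only-verified`, so an inert sample would presumably not be reported; state the fixture's purpose in the repository docs so the file is not mistaken for a leak.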