diff --git a/.gitea/workflows/release.yml b/.gitea/workflows/release.yml
index d4faa23..9e0e860 100644
--- a/.gitea/workflows/release.yml
+++ b/.gitea/workflows/release.yml
@@ -43,5 +43,12 @@ jobs:
         with:
           tags: cs-git.ddnss.de/ri-st/startup:latest
           push: true
-#          cache-from: type=gha
-#          cache-to: type=gha,mode=max
+          outputs: type=docker,dest=/tmp/startup.tar
+
+      - name: Check with trivy
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-ref: '/tmp/startup.tar'
+          scan-type: 'fs'
+          format: 'table'
+          vuln-type: 'os,library'