diff --git a/README.md b/README.md
index 8accbce..2fc84f8 100644
--- a/README.md
+++ b/README.md
@@ -40,13 +40,22 @@ permissions:
 
 jobs:
   reuse-compliance-check:
+    name: REUSE Compliance Check
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
 
       - name: REUSE Compliance Check
-        uses: fsfe/reuse-action@v6
+        uses: fsfe/reuse-action@676e2d560c9a403aa252096d99fcab3e1132b0f5 # v6
+        with:
+          persist-credentials: false
+
+    concurrency:
+      group: ${{ github.workflow }}-${{ github.ref }}
+
 ```
 
 If you would like to run other subcommands, you could use the following snippet which outputs a the SPDX bill of materials: