diff --git a/.gitea/workflows/vulnscan.yaml b/.gitea/workflows/vulnscan.yaml
index 655df7a..3bdacb3 100644
--- a/.gitea/workflows/vulnscan.yaml
+++ b/.gitea/workflows/vulnscan.yaml
@@ -31,7 +31,7 @@ jobs:
       - name: Run Trivy vulnerability scanner
         id: scan
         run: |
-          trivy image --format json docker.asperti.com/paspo/ftps:latest > trivy-results.json
+          trivy --server ${{ secrets.TRIVY_SERVER }} --token ${{ secrets.TRIVY_SERVER }} image --format json docker.asperti.com/paspo/ftps:latest > trivy-results.json
 
       - uses: actions/cache/save@v4
         if: always()  # salva in cache anche se trova vulnerabilità