diff --git a/.github/workflows/wf11.yml b/.github/workflows/wf11.yml
index 3a7a156..0349bed 100644
--- a/.github/workflows/wf11.yml
+++ b/.github/workflows/wf11.yml
@@ -20,6 +20,11 @@ jobs:
       discussions: write
       security-events: write  # This one, in particular, should raise a flag as it's typically not needed for most workflows
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@v2
+        with:
+          egress-policy: audit
+
       - name: Checkout code
         uses: actions/checkout@v3
       - name: Dummy Step