diff --git a/.github/workflows/publish-pod.yml b/.github/workflows/publish-pod.yml
index e4488c6..a92ab0d 100644
--- a/.github/workflows/publish-pod.yml
+++ b/.github/workflows/publish-pod.yml
@@ -1,20 +1,25 @@
 name: Publish CocoaPod
-
+permissions:
+  contents: read
 on:
-  push:
-    # runs on anything like v1.2.3
-    tags:
-      - "v*.*.*"
+  release:
+    types: [released]
 
 jobs:
   publish-pod:
     runs-on: macos-latest
     steps:
-      # 1. Check out your code
-      - uses: actions/checkout@v3
+      - name: Harden the runner (Audit all outbound calls)
+        uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
+        with:
+          egress-policy: audit
+
+      # 1. Checkout repository
+      - name: Checkout repository
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       # 2. Install a recent Ruby
-      - uses: ruby/setup-ruby@v1
+      - uses: ruby/setup-ruby@0481980f17b760ef6bca5e8c55809102a0af1e5a # v1.263.0
         with:
           ruby-version: 3.4.3
 
diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml
index b46fce5..c280fa4 100644
--- a/.github/workflows/sonarqube.yml
+++ b/.github/workflows/sonarqube.yml
@@ -1,5 +1,6 @@
 name: SonarQube
-
+permissions:
+  contents: read
 on:
   workflow_dispatch:
   push:
@@ -14,8 +15,13 @@ jobs:
     runs-on: macos-15
 
     steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
+      - name: Harden the runner (Audit all outbound calls)
+        uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
+        with:
+          egress-policy: audit
+
+      - name: Checkout repository
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           fetch-depth: 0 # Shallow clones should be disabled for better SonarQube analysis
 
diff --git a/FormbricksSDK.podspec b/FormbricksSDK.podspec
index 5b70211..e66f8e2 100644
--- a/FormbricksSDK.podspec
+++ b/FormbricksSDK.podspec
@@ -6,7 +6,7 @@ Pod::Spec.new do |s|
   s.license          = { :type => "MIT", :file => "LICENSE" }
   s.author           = { "Formbricks" => "hola@formbricks.com" }
   s.platform         = :ios, "16.6"
-  s.source           = { :git => "https://github.com/formbricks/ios.git", :tag => "v#{s.version}" }
+  s.source           = { :git => "https://github.com/formbricks/ios.git", :tag => s.version }
   s.swift_version    = "5.7"                                
   s.requires_arc     = true
   s.source_files     = "Sources/FormbricksSDK/**/*.{swift}"