diff --git a/.github/workflows/code-scan.yml b/.github/workflows/codeql.yml
similarity index 53%
rename from .github/workflows/code-scan.yml
rename to .github/workflows/codeql.yml
index acf8f0f4..b4524c77 100644
--- a/.github/workflows/code-scan.yml
+++ b/.github/workflows/codeql.yml
@@ -1,4 +1,4 @@
-name: code-scan
+name: codeql
 
 on:
   push:
@@ -11,22 +11,21 @@ on:
   schedule:
     - cron: '0 6 * * 1'
 
-permissions:
-  actions: read
-  contents: read
+permissions: {}
 
 jobs:
-  code-ql:
-
+  analysis:
     runs-on: ubuntu-latest
 
     permissions:
+      actions: read
+      contents: read
       security-events: write
 
     strategy:
       fail-fast: false
       matrix:
-        language: [ 'csharp', 'javascript' ]
+        language: [ 'actions', 'csharp', 'javascript' ]
 
     steps:
     - name: Checkout repository
@@ -43,3 +42,22 @@ jobs:
       uses: github/codeql-action/analyze@v3
       with:
         category: '/language:${{ matrix.language }}'
+
+  codeql:
+    if: ${{ !cancelled() }}
+    needs: [ analysis ]
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Report status
+      shell: bash
+      env:
+        SCAN_SUCCESS: ${{ !contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled') }}
+      run: |
+        if [ "${SCAN_SUCCESS}" == "true" ]
+        then
+          echo 'CodeQL analysis successful ✅'
+        else
+          echo 'CodeQL analysis failed ❌'
+          exit 1
+        fi