diff --git a/.github/workflows/safety.yml b/.github/workflows/safety.yml
new file mode 100644
index 0000000..bc9c308
--- /dev/null
+++ b/.github/workflows/safety.yml
@@ -0,0 +1,17 @@
+name: Safety
+on:
+  push:
+    branches: [ main ]
+  schedule:
+    - cron: '0 0 * * 0' # weekly
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - uses: actions/checkout@main
+      - name: Run Safety CLI to check for vulnerabilities
+        uses: pyupio/safety-action@7baf6605473beffc874c1313ddf2db085c0cacf2  # v1
+        with:
+          api-key: ${{ secrets.SAFETY_API_KEY }}