diff --git a/packages/actions/vu1nz-scan/sh1pt.action.json b/packages/actions/vu1nz-scan/sh1pt.action.json
new file mode 100644
index 00000000..ed40a03b
--- /dev/null
+++ b/packages/actions/vu1nz-scan/sh1pt.action.json
@@ -0,0 +1,29 @@
+{
+  "name": "vu1nz-scan",
+  "publisher": "profullstack",
+  "type": "github-action",
+  "version": "0.1.0",
+  "title": "vu1nz Security Scan",
+  "description": "Adds a GitHub Actions workflow for running vu1nz security scans.",
+  "trustLevel": "verified",
+  "files": [
+    {
+      "path": ".github/workflows/vu1nz-scan.yml",
+      "template": "workflows/vu1nz-scan.yml"
+    }
+  ],
+  "permissions": {
+    "contents": "read",
+    "security-events": "write"
+  },
+  "secrets": [],
+  "thirdPartyActions": [
+    {
+      "uses": "actions/checkout@v4",
+      "pinned": false,
+      "trusted": true
+    }
+  ],
+  "requiresConfirmation": true,
+  "recommendedInstallMode": "pr"
+}
diff --git a/packages/actions/vu1nz-scan/workflows/vu1nz-scan.yml b/packages/actions/vu1nz-scan/workflows/vu1nz-scan.yml
new file mode 100644
index 00000000..681986a5
--- /dev/null
+++ b/packages/actions/vu1nz-scan/workflows/vu1nz-scan.yml
@@ -0,0 +1,23 @@
+name: vu1nz Scan
+
+on:
+  push:
+    branches:
+      - main
+      - master
+  pull_request:
+
+permissions:
+  contents: read
+  security-events: write
+
+jobs:
+  scan:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Run vu1nz scan
+        run: |
+          echo "TODO: run vu1nz scan"
diff --git a/packages/registry/actions.json b/packages/registry/actions.json
new file mode 100644
index 00000000..afc419d2
--- /dev/null
+++ b/packages/registry/actions.json
@@ -0,0 +1,11 @@
+[
+  {
+    "name": "vu1nz-scan",
+    "publisher": "profullstack",
+    "version": "0.1.0",
+    "description": "Adds vu1nz security scanning to GitHub Actions.",
+    "trustLevel": "verified",
+    "category": "security",
+    "path": "packages/actions/vu1nz-scan/sh1pt.action.json"
+  }
+]