diff --git a/.github/workflows/reusable-workflow-lint.yml b/.github/workflows/reusable-workflow-lint.yml
index 1cd53ad3afde77..38af2ca86d7e39 100644
--- a/.github/workflows/reusable-workflow-lint.yml
+++ b/.github/workflows/reusable-workflow-lint.yml
@@ -52,7 +52,9 @@ jobs:
               uses: synacktiv/action-octoscan@6b1cf2343893dfb9e5f75652388bd2dc83f456b0 # v1.0.0
               with:
                   filter_triggers: ''
-                  disable_rules: dangerous-write
+                  # dangerous-write:    Valid but ignored because we have to use these writes
+                  # dangerous-checkout: Three false positives
+                  disable_rules: dangerous-write, dangerous-checkout
 
             - name: Upload SARIF file
               uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9