diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index b3a1a88c..4ddb143a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,26 +1,32 @@
-name: Automated Security Gates
+name: Consolidated CI - Repo Trivy Scan
 on:
 push:
 branches: [ main, master ]
 pull_request:
 branches: [ main, master ]
+schedule:
+- cron: '0 4 * * *'
+
+permissions:
+contents: read
+security-events: write
 jobs:
-build-and-scan:
+trivy-scan:
 runs-on: ubuntu-latest
 steps:
-- name: Checkout Code
+- name: Checkout code
 uses: actions/checkout@v4
-- name: Automated Vulnerability Scan (Trivy)
+- name: Run Trivy vulnerability scanner (repo)
 uses: aquasecurity/trivy-action@0.33.1
 with:
-scan-type: 'fs'
+scan-type: repo
 ignore-unfixed: true
-format: 'sarif'
-output: 'trivy-results.sarif'
-exit-code: '1'
+format: sarif
+output: trivy-results.sarif
+severity: CRITICAL,HIGH
 - name: Upload SARIF results to GitHub Code Scanning
 uses: github/code-scanning-action/upload-sarif@v2
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
deleted file mode 100644
index 43e4d6e9..00000000
--- a/.github/workflows/trivy.yml
+++ /dev/null
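Review bot: The new `uses:` references in trivy-scan (`actions/checkout@v4`, `aquasecurity/trivy-action@0.33.1`, `github/code-scanning-action/upload-sarif@v2`) are mutable tags, while the trivy.yml this commit deletes pinned the same actions to full commit SHAs with the version in a trailing comment and set `persist-credentials: false` on checkout, so the consolidation weakens the supply-chain posture it replaces. Removing `exit-code: '1'` also turns the job from a merge gate into a report-only scan; if gating is still intended, keep `exit-code: '1'` and add `if: always()` on the upload step so the SARIF still reaches code scanning when the scan step fails. `github/code-scanning-action/upload-sarif` differs from the `github/codeql-action/upload-sarif` path the deleted workflow used, so confirm it resolves (the upload step's `with:` block continues outside the hunk). The deleted workflow's `if: github.repository == …` fork guard, `timeout-minutes: 30` and `TRIVY_DB_REPOSITORY` mirror fallbacks were not carried over either.
```yaml
      - name: Checkout code
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false
      - name: Run Trivy vulnerability scanner (repo)
        uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
        with:
          # … unchanged: scan-type, ignore-unfixed, format, output, severity …
          exit-code: '1'
      - name: Upload SARIF results to GitHub Code Scanning
        if: always()
        uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
```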
@@ -1,51 +0,0 @@
-name: Trivy
-permissions: {}
-
-on:
-push:
-branches:
-- main
-
-tags:
-- '*'
-
-pull_request:
-branches:
-- main
-
-schedule:
-- cron: '08 11 * * *'
-
-jobs:
-trivy-scan:
-# Only run this in the upstream repo and not on forks
-# When all forks run this at the same time, it is causing `Too Many Requests` issues
-if: ${{ github.repository == 'dani-garcia/vaultwarden' }}
-name: Trivy Scan
-permissions:
-security-events: write # To write the security report
-runs-on: ubuntu-24.04
-timeout-minutes: 30
-
-steps:
-- name: Checkout code
-uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
-with:
-persist-credentials: false
-
-- name: Run Trivy vulnerability scanner
-uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
-env:
-TRIVY_DB_REPOSITORY: docker.io/aquasec/trivy-db:2,public.ecr.aws/aquasecurity/trivy-db:2,ghcr.io/aquasecurity/trivy-db:2
-TRIVY_JAVA_DB_REPOSITORY: docker.io/aquasec/trivy-java-db:1,public.ecr.aws/aquasecurity/trivy-java-db:1,ghcr.io/aquasecurity/trivy-java-db:1
-with:
-scan-type: repo
-ignore-unfixed: true
-format: sarif
-output: trivy-results.sarif
-severity: CRITICAL,HIGH
-
-- name: Upload Trivy scan results to GitHub Security tab
-uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
-with:
-sarif_file: 'trivy-results.sarif'