diff --git a/.tekton/push.yaml b/.tekton/push.yaml
index 0fd3e301dc..575cdede49 100644
--- a/.tekton/push.yaml
+++ b/.tekton/push.yaml
@@ -6,7 +6,7 @@ metadata:
   annotations:
     pipelinesascode.tekton.dev/on-event: "push"
     pipelinesascode.tekton.dev/on-target-branch: "main"
-    pipelinesascode.tekton.dev/task: "[task/update-infra-deployments/0.1/update-infra-deployments.yaml, task/git-clone/0.1/git-clone.yaml, .tekton/tasks/buildah.yaml, task/slack-webhook-notification/0.1/slack-webhook-notification.yaml, .tekton/tasks/ec-checks.yaml]"
+    pipelinesascode.tekton.dev/task: "[task/update-infra-deployments/0.1/update-infra-deployments.yaml, task/git-clone/0.1/git-clone.yaml, .tekton/tasks/buildah.yaml, task/slack-webhook-notification/0.1/slack-webhook-notification.yaml, .tekton/tasks/ec-checks.yaml, task/sast-snyk-check/0.1/sast-snyk-check.yaml]"
     pipelinesascode.tekton.dev/max-keep-runs: "5"
 spec:
   params:
@@ -42,6 +42,18 @@ spec:
           - name: output
             workspace: workspace
 
+      - name: sast-snyk-check
+        params:
+          - name: ARGS
+            value: --report --project-name=konflux-ci/build-definitions
+        runAfter:
+          - clone-repository
+        taskRef:
+          name: sast-snyk-check
+        workspaces:
+          - name: workspace
+            workspace: workspace
+
       - name: ec-task-checks
         runAfter:
           - clone-repository