diff --git a/.github/workflows/pop.yml b/.github/workflows/pop.yml
index 73e02510..09535719 100644
--- a/.github/workflows/pop.yml
+++ b/.github/workflows/pop.yml
@@ -31,10 +31,9 @@ jobs:
 codeload.github.com:443
 objects.githubusercontent.com:443
 - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- - uses: ./
+ - uses: boostsecurityio/poutine-action@main # Dogfood the latest action
 name: "Run poutine on poutine's own codebase"
 id: self-test
-
 - name: Upload SARIF file
 uses: github/codeql-action/upload-sarif@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
 with:
diff --git a/Dockerfile.action b/Dockerfile.action
deleted file mode 100644
index b39c4e5b..00000000
--- a/Dockerfile.action
+++ /dev/null
@@ -1,5 +0,0 @@
-FROM ghcr.io/boostsecurityio/poutine:0.9.7@sha256:034326fac021cbedf8df99e90d993ec3553c7649395040bbb8bca05b601de35a
-
-USER root
-
-ENTRYPOINT ["/bin/sh", "-c"]
diff --git a/action.yml b/action.yml
deleted file mode 100644
index 6420d01c..00000000
--- a/action.yml
+++ /dev/null
@@ -1,22 +0,0 @@
-name: poutine - GitHub Actions SAST
-description: |
- BoostSecurity.io’s poutine detects vulnerabilities and misconfigurations in your GitHub Actions workflows.
-branding:
- icon: align-center
- color: yellow
-inputs:
- format:
- description: 'Report format'
- default: sarif
- required: true
- output:
- description: 'Report file output'
- default: results.sarif
- required: true
-runs:
- using: docker
- image: Dockerfile.action
- args:
- - |
- git config --global --add safe.directory "$GITHUB_WORKSPACE"
- poutine -format "$INPUT_FORMAT" analyze_local "$GITHUB_WORKSPACE" > "$INPUT_OUTPUT"
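Review bot: `uses: boostsecurityio/poutine-action@main` is the only action reference in this hunk that is not pinned; the neighbouring `actions/checkout` and `github/codeql-action/upload-sarif` steps are pinned to a full commit SHA with a version comment, and a mutable branch ref means whatever `main` points to at run time, including a force-pushed or compromised upstream, executes inside this job. Unless running the unreleased branch is the deliberate point of the dogfood step, pin it the same way, `uses: boostsecurityio/poutine-action@<COMMIT_SHA> # vX.Y.Z` (placeholder values), and let the dependency-update bot bump it. If tracking `main` is intended, say so in the trailing comment and keep the job's egress allowlist and permissions as tight as they are now, since the self-test now runs code fetched from another repository instead of the `./` checkout it replaced. The enclosing job definition starts before this hunk and its `with:` mapping continues after it.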