diff --git a/.github/workflows/codeql-master.yml b/.github/workflows/codeql-master.yml
new file mode 100644
index 0000000..005d6ee
--- /dev/null
+++ b/.github/workflows/codeql-master.yml
@@ -0,0 +1,11 @@
+name: 'CodeQL master'
+on:
+  push:
+    branches:
+      - master
+  workflow_dispatch:
+
+jobs:
+  analyze:
+    uses: kenshoo/actions/.github/workflows/callable_codeql.yml@master
+    secrets: inherit
diff --git a/.github/workflows/codeql-pr.yml b/.github/workflows/codeql-pr.yml
new file mode 100644
index 0000000..f457b29
--- /dev/null
+++ b/.github/workflows/codeql-pr.yml
@@ -0,0 +1,10 @@
+name: 'CodeQL review'
+on:
+  pull_request:
+    branches: ['master']
+  workflow_dispatch:
+
+jobs:
+  analyze:
+    uses: kenshoo/actions/.github/workflows/callable_codeql.yml@master
+    secrets: inherit