diff --git a/src/index.ts b/src/index.ts
index d12f996d..3fa9be0e 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -48,7 +48,7 @@ async function runAnalysis() {
 // Only pass modified files for PR "new" scans — this optimises scanning to only changed files
 let modifiedFiles: string | undefined
 if (currBranch !== '' && target === 'new') {
- modifiedFiles = getModifiedFiles()
+ modifiedFiles = await getModifiedFiles()
 if (modifiedFiles) {
 info(`Modified files for optimised scanning: ${modifiedFiles}`)
 }
diff --git a/src/util.ts b/src/util.ts
index 3fc1bb5f..4e0ba95c 100644
--- a/src/util.ts
+++ b/src/util.ts
@@ -1,9 +1,10 @@
 import { error, getInput, info, isDebug } from '@actions/core'
 import { context } from '@actions/github'
-import { spawn, spawnSync } from 'child_process'
+import { spawn } from 'child_process'
 import { existsSync, readFileSync, mkdirSync, writeFileSync } from 'fs'
 import * as os from 'os'
 import * as path from 'path'
+import { simpleGit } from 'simple-git'
 // Gather GITHUB_* and CI env vars for the lacework iac binary to read directly
 function gatherGitHubEnvVars(): string[] {
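Review bot: The added `import { simpleGit } from 'simple-git'` in the `src/util.ts` import hunk puts a third-party package on the path that decides which files the scanner sees, where the removed `spawnSync` call ran the same `git diff` with an argument array and only the standard library. The manifest and lockfile changes are not visible in this diff, so it is worth confirming the version is pinned there and, if the action ships a bundled build, that the bundle was regenerated from that lockfile. If the single `diff` call in `getModifiedFiles` is the only use, keeping `spawnSync` (or the already imported `spawn`) avoids the extra dependency.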
@@ -115,29 +116,15 @@ export function generateUILink() {
 return url
 }
-export function getModifiedFiles(): string | undefined {
- const eventPath = process.env.GITHUB_EVENT_PATH
- if (!eventPath) return undefined
-
- let eventData: any
+export async function getModifiedFiles(): Promise {
 try {
- eventData = JSON.parse(readFileSync(eventPath, 'utf8'))
+ const diff = await simpleGit().diff(['--name-only', 'HEAD^1...HEAD'])
+ const files = diff.trim().split('\n').filter(Boolean).join(',')
+ return files || undefined
 } catch (e) {
- info(`Failed to parse GitHub event file: ${e}`)
- return undefined
- }
-
- const baseSha = eventData.pull_request?.base?.sha
- if (!baseSha) return undefined
-
- const result = spawnSync('git', ['diff', '--name-only', `${baseSha}...HEAD`])
- if (result.status !== 0) {
- info(`Failed to get modified files: ${result.stderr?.toString()}`)
+ info(`Failed to get modified files: ${e}`)
 return undefined
 }
-
- const files = result.stdout.toString().trim().split('\n').filter(Boolean).join(',')
- return files || undefined
 }
 export function shouldRunIaCScanner(modifiedFiles: string): boolean {
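Review bot: `HEAD^1...HEAD` in the new `getModifiedFiles` matches the pull request's change set only when HEAD is the merge commit of the PR ref; if the workflow checks out the PR head commit instead, it lists just the last commit's files, so files changed in earlier commits would be left out of the optimised scan. With a shallow checkout `HEAD^1` presumably does not resolve and the `catch` returns `undefined`; the caller in `src/index.ts` only shows the `if (modifiedFiles)` log, so confirm that an undefined list means a full scan rather than a skipped one. The removed code compared against the event's base SHA, and that can be kept with the already imported `context`: `const base = context.payload.pull_request?.base?.sha ?? 'HEAD^1'` followed by `simpleGit().diff(['--name-only', base + '...HEAD'])`. A comment above the call stating the checkout assumption (merge ref, enough history fetched) would make the dependency on workflow configuration visible.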