diff --git a/.github/workflows/audit.yaml b/.github/workflows/audit.yaml
new file mode 100644
index 000000000..686da3637
--- /dev/null
+++ b/.github/workflows/audit.yaml
@@ -0,0 +1,22 @@
+name: Audit
+
+on:
+  push:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  audit:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4
+      - uses: pnpm/action-setup@v4
+        name: Install pnpm
+        with:
+          version: 9
+          run_install: false
+      - name: Audit for vulnerabilities
+        run: npx audit-ci@^7 --config ./audit-ci.jsonc
diff --git a/audit-ci.jsonc b/audit-ci.jsonc
new file mode 100644
index 000000000..ae2259906
--- /dev/null
+++ b/audit-ci.jsonc
@@ -0,0 +1,5 @@
+{
+  "critical": true,
+  "package-manager": "auto",
+  "registry": "https://registry.npmjs.org"
+}