diff --git a/.github/workflows/_build.yaml b/.github/workflows/_build.yaml
index f3118e7e..cb305391 100644
--- a/.github/workflows/_build.yaml
+++ b/.github/workflows/_build.yaml
@@ -65,6 +65,16 @@ jobs:
 with:
 fetch-depth: 0
 
+ # Dependency review scans for introduced vulnerabilities and compatible licenses.
+ - name: Dependency Review
+ uses: actions/dependency-review-action@a1d282b36b6f3519aa1f3fc636f609c47dddb294 # v5.0.0
+ with:
+ fail-on-severity: moderate
+ vulnerability-check: true
+ license-check: true
+ # allow-licenses:
+ comment-summary-in-pr: always
+
 - name: Set up Python
 uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
 with:
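Review bot: The new Dependency Review step has no `if:` guard, and the action only receives its base and head refs automatically on pull-request events. If this reusable `_build.yaml` is also called from push, schedule or release workflows (the triggers are outside the hunk), the step will fail there unless it is gated, e.g. `if: github.event_name == 'pull_request'`, or given explicit `base-ref`/`head-ref`. `comment-summary-in-pr: always` also needs `pull-requests: write`, which is best granted on this job only rather than workflow-wide; the permissions block is not visible here. With `# allow-licenses:` left commented out and no `deny-licenses`, `license-check: true` appears to enforce no licence policy, so the comment's "compatible licenses" overstates what the step checks; either fill in the list or reword the comment.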