diff --git a/.gitea/workflows/publish-docker.yml b/.gitea/workflows/publish-docker.yml
index 73737ac..e8e8287 100644
--- a/.gitea/workflows/publish-docker.yml
+++ b/.gitea/workflows/publish-docker.yml
@@ -51,6 +51,9 @@ jobs:
           ignore-unfixed: true
           vuln-type: 'os,library'
           severity: 'CRITICAL,HIGH'
+        env:
+          - TRIVY_USERNAME: ${{ secrets.PACKAGE_USER }}
+          - TRIVY_PASSWORD: ${{ secrets.PACKAGE_TOKEN }}
 
       # Step 3: If scan passes, Build and Push to Registry
       - name: Build and push Docker image