diff --git a/.github/workflows/mend.yml b/.github/workflows/mend.yml
new file mode 100644
index 0000000..fad022e
--- /dev/null
+++ b/.github/workflows/mend.yml
@@ -0,0 +1,29 @@
+name: mend
+permissions:
+  contents: read
+  id-token: write
+on:
+  schedule:
+    - cron: '30 7 * * 1'
+
+jobs:
+  scan-code:
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Checkout mend action
+        uses: actions/checkout@v3
+        with:
+          repository: aktsk/mend-action
+          path: ./.github/actions/mend-action
+          ssh-key: ${{ secrets.MEND_CHECKOUT_KEY }}
+      - name: Generate credential of GCP
+        uses: 'google-github-actions/auth@v1'
+        with:
+          workload_identity_provider: ${{ secrets.MEND_GCP_PROVIDER_ID }}
+          service_account: ${{ secrets.MEND_SERVICE_ACCOUNT }}
+      - name: Scan repo
+        uses: ./.github/actions/mend-action
+        with:
+          mend_api_key: ${{ secrets.MEND_API_KEY }}
+          mend_user_key: ${{ secrets.MEND_USER_KEY }}
+          slack_token: ${{ secrets.MEND_SLACK_TOKEN }}