diff --git a/.github/workflows/registry.yml b/.github/workflows/registry.yml
new file mode 100644
index 000000000..4a2dd7ff9
--- /dev/null
+++ b/.github/workflows/registry.yml
@@ -0,0 +1,13 @@
+name: Test local registry for js vulnerabilities
+
+on:
+  schedule:
+  - cron: '0 */4 * * *'
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Test for public javascript library vulnerabilities
+        uses: lirantal/is-website-vulnerable@1.15.10
+        with:
+          scan-url: "https://registry.verdaccio.org"