diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
index 367add6..847c31d 100644
--- a/.github/workflows/audit.yml
+++ b/.github/workflows/audit.yml
@@ -38,7 +38,7 @@ jobs:
       - uses: dtolnay/rust-toolchain@3c5f7ea28cd621ae0bf5283f0e981fb97b8a7af9 # master @ 2026-03-27
         with:
           toolchain: stable
-      - uses: taiki-e/install-action@711e1c3275189d76dcc4d34ddea63bf96ac49090 # v2
+      - uses: taiki-e/install-action@d9be7d8cda89035c9c843f78bd44d4f72d8403d4 # v2
         with:
           tool: cargo-audit
       # `--deny warnings` surfaces unmaintained / yanked crates as failures;
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 6ef9151..7fe8455 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -126,7 +126,7 @@ jobs:
       - uses: dtolnay/rust-toolchain@3c5f7ea28cd621ae0bf5283f0e981fb97b8a7af9 # master @ 2026-03-27
         with:
           toolchain: stable
-      - uses: taiki-e/install-action@711e1c3275189d76dcc4d34ddea63bf96ac49090 # v2
+      - uses: taiki-e/install-action@d9be7d8cda89035c9c843f78bd44d4f72d8403d4 # v2
         with:
           tool: cargo-deny
       - run: cargo deny --all-features check