diff --git a/.github/actions/for-dependabot-triggered-reviews/action.yml b/.github/actions/for-dependabot-triggered-reviews/action.yml
index 1b493a97..e42677ac 100644
--- a/.github/actions/for-dependabot-triggered-reviews/action.yml
+++ b/.github/actions/for-dependabot-triggered-reviews/action.yml
@@ -39,8 +39,12 @@ runs:
 steps:
 - uses: 1Password/load-secrets-action@92467eb28f72e8255933372f1e0707c567ce2259 # v4.0.0
 if: false
+ with:
+ version: "2.30.0"
 - uses: 1Password/load-secrets-action/configure@92467eb28f72e8255933372f1e0707c567ce2259 # v4.0.0
 if: false
+ with:
+ version: "2.30.0"
 - uses: addnab/docker-run-action@4f65fabd2431ebc8d299f8e5a018d79a769ae185 # v3
 if: false
 - uses: advanced-security/dismiss-alerts@046d6b48d2e43cf563f96f67332c47c432eff83e # v2.0.2
diff --git a/gateway/gateway.py b/gateway/gateway.py
index 88ab59df..c0a068c7 100644
--- a/gateway/gateway.py
+++ b/gateway/gateway.py
@@ -201,10 +201,38 @@ def is_updatable(ref):
 details = refs[ref]
 steps.append(f" - uses: {name}@{ref}" + (f" # {details['tag']}" if details and 'tag' in details else ''))
 steps.append(
 " if: false")
+ # zizmor's `unpinned-tools` audit flags certain actions whose
+ # default behavior is to install the "latest" version of an
+ # external tool. The remediation is to set `with.version` to
+ # a specific value. These steps never execute (`if: false`);
+ # the value is cosmetic, only here so the static analyser is
+ # satisfied. See https://docs.zizmor.sh/audits/#unpinned-tools
+ pin = _unpinned_tool_version_pin(name)
+ if pin is not None:
+ steps.append(" with:")
+ steps.append(f' version: "{pin}"')
 return header + "\n".join(steps) + "\n" + " - run: echo Success!\n" + " shell: bash\n"
 
 
+# zizmor's `unpinned-tools` audit (zizmor source:
+# crates/zizmor/src/audit/unpinned_tools.rs) reports a Medium finding when one
+# of these actions is used without a static `with.version`. Keys are matched
+# case-insensitively against the bare repo name and any subpath under it.
+_UNPINNED_TOOLS_VERSION_PINS = {
+ "1password/load-secrets-action": "2.30.0",
+ "aquasecurity/setup-trivy": "v0.55.0",
+}
+
+
+def _unpinned_tool_version_pin(name: str) -> str | None:
+ name_l = name.lower()
+ for prefix, version in _UNPINNED_TOOLS_VERSION_PINS.items():
+ if name_l == prefix or name_l.startswith(prefix + "/"):
+ return version
+ return None
+
+
 def update_refs(
 composite_steps: list[dict[str, str]], action_refs: ActionsYAML
 ) -> ActionsYAML:
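Review bot: `_unpinned_tool_version_pin` has no docstring, and both the helper and its `_UNPINNED_TOOLS_VERSION_PINS` table are defined below the function that calls them (that function starts outside this hunk), which works at import time but reads backwards; a one-liner such as `"""Return the static ``with.version`` to emit for action *name*, or None when zizmor's unpinned-tools audit does not cover it."""` would make the helper self-explanatory at its call site. The version strings in the table are, as far as I can see, not something Dependabot will bump the way it does the `uses:` SHAs, so they will silently age; the generated steps carry `if: false`, so that is harmless today, but a comment on the table stating that they must be refreshed by hand if those steps are ever enabled would stop a stale pin from quietly becoming live. The `str | None` return annotation is fine on 3.10+, but if the module still targets 3.9 it needs `from __future__ import annotations`, which this hunk does not show either way.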