diff --git a/.gitea/workflows/security-scan.yml b/.gitea/workflows/security-scan.yml
index 1cde45a2..72a3972a 100644
--- a/.gitea/workflows/security-scan.yml
+++ b/.gitea/workflows/security-scan.yml
@@ -24,15 +24,21 @@ jobs:
             REF_NAME="main"
           fi
           
-          git clone --depth 1 --branch "$REF_NAME" \
-            "https://git.michaelschiemer.de/${REPO}.git" \
-            /workspace/repo || \
-          git clone --depth 1 --branch "$REF_NAME" \
-            "git@git.michaelschiemer.de:${REPO}.git" \
-            /workspace/repo || \
-          git clone --depth 1 \
-            "https://git.michaelschiemer.de/${REPO}.git" \
-            /workspace/repo
+          # Use Gitea token if available, otherwise try public access
+          if [ -n "${{ secrets.GITEA_TOKEN }}" ]; then
+            git clone --depth 1 --branch "$REF_NAME" \
+              "https://${{ secrets.GITEA_TOKEN }}@git.michaelschiemer.de/${REPO}.git" \
+              /workspace/repo
+          else
+            # Try public HTTPS (works if repository is public)
+            git clone --depth 1 --branch "$REF_NAME" \
+              "https://git.michaelschiemer.de/${REPO}.git" \
+              /workspace/repo || \
+            # Fallback: Try to use Gitea's internal runner access
+            git clone --depth 1 \
+              "https://git.michaelschiemer.de/${REPO}.git" \
+              /workspace/repo
+          fi
           
           cd /workspace/repo