diff --git a/.github/workflows/plugin-ci.yaml b/.github/workflows/plugin-ci.yaml
index 495321e..6f2a151 100644
--- a/.github/workflows/plugin-ci.yaml
+++ b/.github/workflows/plugin-ci.yaml
@@ -158,9 +158,8 @@ jobs:
 
       - name: Security audit
         run: |
-          # pnpm audit endpoint retired (HTTP 410) - skip for pnpm repos
           if [ "${{ steps.pkg-manager.outputs.manager }}" = "pnpm" ]; then
-            echo "Skipping security audit for pnpm repo (pnpm audit endpoint retired)"
+            npx audit-ci --pnpm --audit-level=high
           else
-            npm audit --omit=dev
+            npx audit-ci --npm --audit-level=high
           fi