diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
index 7b1e4ba..f53558e 100644
--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@@ -44,10 +44,17 @@ jobs:
 - name: Run Security Scan
 id: security_scan
+ env:
+ BANDIT_SKIP_IDS: ${{ secrets.BANDIT_SKIP_IDS }}
 run: |
 # Run bandit recursively on all Python files
 echo "Running Bandit security scan..."
- bandit -r . -f txt -o bandit-results.txt || true
+
+ bandit -r . \
+ --severity-level medium \ #Medium issues and higher.
+ --skip "${BANDIT_SKIP_IDS}" \ #Skip filtered IDs - Pulled above from GitHub Secret to avoid PR for every update.
+ -f txt \
+ -o bandit-results.txt || true #Continue on errors.
 # Run Safety check on requirements
 if [ -f "requirements.txt" ]; then
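Review bot: The backslash continuations in the new `bandit` call are broken by the trailing comments: in `--severity-level medium \ #Medium issues and higher.` the `\` escapes the space that follows it rather than the newline, so the shell runs `bandit` with ` #Medium`, `issues`, `and` and `higher.` as extra arguments, then tries to execute `--skip` and `-f txt` as commands of their own, and with the `-e` that GitHub applies to `run:` steps by default the step dies before `-o bandit-results.txt` is ever reached. Put the comments on their own lines so that `\` is the last character of each continued line, as in the excerpt below, which also passes `--skip` only when the variable is non-empty, since `secrets.*` expand to an empty string on pull requests from forks and `bandit --skip ""` should be tested rather than assumed harmless. Sourcing the skip list from a GitHub Secret is itself questionable: the suppressed test IDs are masked in the job log and never go through code review, which is the opposite of what a suppression list needs. The same list committed as `skips` under `[tool.bandit]` in `pyproject.toml` (or a `.bandit` file) is auditable, works for forks, and removes the `env:` plumbing entirely. The `|| true` is pre-existing, but it still means medium-and-higher findings never fail the job; if that is intended, say so in the comment rather than "Continue on errors".
```yaml
        run: |
          # … unchanged: echo banner …
          # Medium severity and higher. Skipped test IDs come from BANDIT_SKIP_IDS;
          # the flag is omitted when that variable is empty (e.g. fork PRs, where
          # secrets are not available).
          skip_args=()
          if [ -n "${BANDIT_SKIP_IDS}" ]; then
            skip_args=(--skip "${BANDIT_SKIP_IDS}")
          fi
          bandit -r . \
            --severity-level medium \
            "${skip_args[@]}" \
            -f txt \
            -o bandit-results.txt || true  # report only: findings never fail the step
          # … unchanged: Safety check on requirements …
```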