diff --git a/.github/workflows/schedule-trivy.yaml b/.github/workflows/schedule-trivy.yaml
index 5042935..9cf283b 100644
--- a/.github/workflows/schedule-trivy.yaml
+++ b/.github/workflows/schedule-trivy.yaml
@@ -61,4 +61,4 @@ jobs:
           output: 'vuln.json'
 
       - name: Attach a security attestation to the signed image
-        run: cosign attest --type vuln --predicate vuln.json ${{ inputs.image-ref }}
+        run: cosign attest --yes --force --type vuln --predicate vuln.json ${{ inputs.image-ref }}