diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 9dbd564..28aa1ba 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -82,7 +82,7 @@ jobs:
         uses: Infisical/secrets-action@v1.0.9
         with:
           method: "oidc"
-          identity-id: "6bd2b8d8-a9a3-4331-8b37-bf2764fc320b"
+          identity-id: ${{ secrets.INFISICAL_IDENTITY_ID }}
           project-slug: "github-actions"
           env-slug: "prod"
           domain: "https://infisical.ajianaz.dev"
@@ -96,7 +96,7 @@ jobs:
             --format sarif \
             --severity major \
             --quiet \
-            > cora-results.sarif 2>&1 || true
+            > cora-results.sarif
 
           echo "### 🔍 Cora AI Code Review" >> $GITHUB_STEP_SUMMARY
           echo "" >> $GITHUB_STEP_SUMMARY
@@ -109,7 +109,7 @@ jobs:
           fi
 
       - name: Upload SARIF to GitHub Code Scanning
-        if: always()
+        if: always() && hashFiles('cora-results.sarif') != ''
         uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: cora-results.sarif