diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 7e1f1b4..09a587d 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1 +1,3 @@
 .github/* @browserstack/asi-devs
+
+* @browserstack/automate-public-repos
diff --git a/.github/workflows/Semgrep.yml b/.github/workflows/Semgrep.yml
new file mode 100644
index 0000000..0347afd
--- /dev/null
+++ b/.github/workflows/Semgrep.yml
@@ -0,0 +1,48 @@
+# Name of this GitHub Actions workflow.
+name: Semgrep
+
+on:
+  # Scan changed files in PRs (diff-aware scanning):
+  # The branches below must be a subset of the branches above
+  pull_request:
+    branches: ["master", "main"]
+  push:
+    branches: ["master", "main"]
+  schedule:
+    - cron: '0 6 * * *'
+
+
+permissions:
+  contents: read
+
+jobs:
+  semgrep:
+    # User definable name of this GitHub Actions job.
+    permissions:
+      contents: read  # for actions/checkout to fetch code
+      security-events: write  # for github/codeql-action/upload-sarif to upload SARIF results
+    name: semgrep/ci 
+    # If you are self-hosting, change the following `runs-on` value: 
+    runs-on: ubuntu-latest
+
+    container:
+      # A Docker image with Semgrep installed. Do not change this.
+      image: returntocorp/semgrep
+
+    # Skip any PR created by dependabot to avoid permission issues:
+    if: (github.actor != 'dependabot[bot]')
+
+    steps:
+      # Fetch project source with GitHub Actions Checkout.
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      # Run the "semgrep ci" command on the command line of the docker image.
+      - run: semgrep ci --sarif --output=semgrep.sarif
+        env:
+            # Add the rules that Semgrep uses by setting the SEMGREP_RULES environment variable. 
+            SEMGREP_RULES: p/default # more at semgrep.dev/explore
+
+      - name: Upload SARIF file for GitHub Advanced Security Dashboard
+        uses: github/codeql-action/upload-sarif@6c089f53dd51dc3fc7e599c3cb5356453a52ca9e # v2.20.0
+        with:
+          sarif_file: semgrep.sarif
+        if: always()
\ No newline at end of file
diff --git a/.github/workflows/reviewing_changes.yml b/.github/workflows/reviewing_changes.yml
index 30660c0..090ebed 100644
--- a/.github/workflows/reviewing_changes.yml
+++ b/.github/workflows/reviewing_changes.yml
@@ -6,8 +6,8 @@ name: NodeJS SDK Test workflow on workflow_dispatch
 on:
   workflow_dispatch:
     inputs:
-      pull_request_number:
-        description: 'The pull request number to build'
+      commit_sha:
+        description: 'The full commit id to build'
         required: true
 
 jobs:
@@ -27,16 +27,12 @@ jobs:
     steps:
       - uses: actions/checkout@v3
         with:
-          ref: refs/pull/${{ github.event.inputs.pull_request_number }}/head
-      - name: Fetch Commit SHA
-        run: |
-          git log -1 --format='%H'
-          echo "commit_sha=$(git log -1 --format='%H')" >> $GITHUB_ENV
-          echo "commit_sha=$(git log -1 --format='%H')" >> $env:GITHUB_ENV
+          ref: ${{ github.event.inputs.commit_sha }}
       - uses: actions/github-script@98814c53be79b1d30f795b907e553d8679345975
         id: status-check-in-progress
         env:
           job_name: NodeJS-selenium Repo ${{ matrix.node }} - ${{ matrix.os }} Sample
+          commit_sha: ${{ github.event.inputs.commit_sha }}
         with:
           github-token: ${{ github.token }}
           script: |
@@ -74,6 +70,7 @@ jobs:
         env:
           conclusion: ${{ job.status }}
           job_name: NodeJS-selenium Repo ${{ matrix.node }} - ${{ matrix.os }} Sample
+          commit_sha: ${{ github.event.inputs.commit_sha }}
         with:
           github-token: ${{ github.token }}
           script: |