diff --git a/.github/workflows/frogbot-scan-pull-request.yml b/.github/workflows/frogbot-scan-pull-request.yml
new file mode 100644
index 0000000..e008c74
--- /dev/null
+++ b/.github/workflows/frogbot-scan-pull-request.yml
@@ -0,0 +1,21 @@
+
+jobs:
+  scan-pull-request:
+    runs-on: ubuntu-latest
+    # A pull request needs to be approved before Frogbot scans it. Any GitHub user who is associated with the
+    # "frogbot" GitHub environment can approve the pull request to be scanned.
+    environment: frogbot
+    steps:
+      - uses: jfrog/frogbot@v2
+    env:
+      # [Mandatory]
+      # JFrog platform URL
+      JF_URL: ${{ secrets.JF_URL }}
+
+      # [Mandatory if JF_USER and JF_PASSWORD are not provided]
+      # JFrog access token with 'read' permissions on Xray service
+      JF_ACCESS_TOKEN: ${{ secrets.JF_TOKEN }}
+
+      # [Mandatory]
+      # The GitHub token is automatically generated for the job
+      JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}