diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
index bb2c0e9..29a8a1e 100644
--- a/.github/workflows/semgrep.yml
+++ b/.github/workflows/semgrep.yml
@@ -7,12 +7,13 @@ on:
   push:
     branches: ["master", "main"]
   schedule:
-    - cron: '0 2 * * 1-6' # scheduled for 02:00 UTC every day except Sunday
+    - cron: '0 2 * * 6' # scheduled for 02:00 UTC every day except Sunday
 
 jobs:
   semgrep:
     name: Scan
     runs-on: ubuntu-latest
+    timeout-minutes: 15 # There's been issues with some runs hanging. This times out after 15 minutes instead of the default 360.
     container:
       image: returntocorp/semgrep
     if: (github.actor != 'dependabot[bot]')