diff --git a/.github/workflows/daily-health-check.yml b/.github/workflows/daily-health-check.yml
index 7485d0c..8e39c94 100644
--- a/.github/workflows/daily-health-check.yml
+++ b/.github/workflows/daily-health-check.yml
@@ -222,7 +222,7 @@ jobs:
           fi
 
       - name: Upload content health report
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02  # v4
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a  # v7.0.1
         with:
           name: content-health-report
           path: content-health.md
@@ -274,7 +274,7 @@ jobs:
           fi
 
       - name: Upload security health report
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02  # v4
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a  # v7.0.1
         with:
           name: security-health-report
           path: security-health.md
@@ -340,7 +340,7 @@ jobs:
           fi
 
       - name: Upload performance health report
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02  # v4
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a  # v7.0.1
         with:
           name: performance-health-report
           path: performance-health.md
@@ -441,7 +441,7 @@ jobs:
           echo "overall_health=$overall_health" >> $GITHUB_OUTPUT
 
       - name: Upload health summary
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02  # v4
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a  # v7.0.1
         with:
           name: health-summary
           path: health-summary.md
diff --git a/.github/workflows/lint-and-validate.yml b/.github/workflows/lint-and-validate.yml
index 830716b..61aa6aa 100644
--- a/.github/workflows/lint-and-validate.yml
+++ b/.github/workflows/lint-and-validate.yml
@@ -141,7 +141,7 @@ jobs:
 
       - name: Upload link report
         if: always()
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f  # v7
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a  # v7
         with:
           name: link-check-report
           path: reports/generated/linkcheck.txt
@@ -180,7 +180,7 @@ jobs:
 
       - name: Upload structure artifacts
         if: always()
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f  # v7
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a  # v7
         with:
           name: structure-audit-artifacts
           path: |
@@ -246,7 +246,7 @@ jobs:
 
       - name: Upload audit artifacts
         if: always()
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f  # v7
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a  # v7
         with:
           name: audit-gates-artifacts
           path: |
@@ -319,7 +319,7 @@ jobs:
 
       - name: Upload inventory
         if: always()
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f  # v7
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a  # v7
         with:
           name: standards-inventory
           path: |
@@ -397,7 +397,7 @@ jobs:
 
       - name: Upload compliance report
         if: always()
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f  # v7
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a  # v7
         with:
           name: anthropic-compliance-report
           path: reports/generated/anthropic-compliance-report.md
diff --git a/.github/workflows/nist-compliance.yml b/.github/workflows/nist-compliance.yml
index ccc4bf0..59d0f42 100644
--- a/.github/workflows/nist-compliance.yml
+++ b/.github/workflows/nist-compliance.yml
@@ -246,7 +246,7 @@ jobs:
           npm run generate-ssp -- --baseline ${{ env.BASELINE }} --format json
 
       - name: Upload SSP artifact
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02  # v4
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a  # v7.0.1
         with:
           name: system-security-plan
           path: standards/compliance/oscal-output/ssp-*.json
@@ -281,7 +281,7 @@ jobs:
           ls -la oscal-output/
 
       - name: Upload evidence artifacts
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02  # v4
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a  # v7.0.1
         with:
           name: compliance-evidence-${{ github.run_number }}
           path: standards/compliance/oscal-output/assessment-results-*.json
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index b04184f..4f0498e 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -23,7 +23,7 @@ jobs:
           results_file: results.sarif
           results_format: sarif
           publish_results: true
-      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+      - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         with:
           name: SARIF file
           path: results.sarif