diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
index 03e084e..f01b5c7 100644
--- a/.github/workflows/semgrep.yml
+++ b/.github/workflows/semgrep.yml
@@ -1,15 +1,18 @@
+# The Semgrep scan is set to run diffs only on PRs, but full scans
+# weekly on Monday. A series of gitops bots have to be ignored.
+
 name: Semgrep
 on:
   workflow_dispatch: {}
   pull_request:
     types: [opened, reopened, synchronize]
   merge_group:
+  schedule:
+    - cron: '0 0 * * 1'
   push:
     branches:
       - main
       - master
-    paths:
-      - .github/workflows/semgrep.yml
 jobs:
   semgrep:
     name: semgrep/ci