diff --git a/.gitea/workflows/security.yml b/.gitea/workflows/security.yml
index 665c049..922c9dc 100644
--- a/.gitea/workflows/security.yml
+++ b/.gitea/workflows/security.yml
@@ -17,5 +17,5 @@ jobs:
       # local-only inside a Dalamud plugin. Semgrep matches the pattern
       # without dataflow, so it flags those eight call sites; CodeQL
       # would not. Suppressed for this repo only.
-      semgrep-exclude-rules: 'csharp.lang.security.sqli.csharp-sqli'
+      semgrep-exclude-rules: 'csharp.lang.security.sqli.csharp-sqli.csharp-sqli'