diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml
index 753800e..f81c743 100644
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -40,6 +40,9 @@ jobs:
 - name: Install dependencies
 run: uv sync
+
+ - name: Check Import Sorting
+ run: uv run isort --check app/ tests/
 - name: Lint
 run: |
@@ -61,32 +64,44 @@ jobs:
 # SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST_URL }}
 # SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
- # - name: Snyk Vulnerability Scan
- # uses: snyk/actions/python@master
- # continue-on-error: true # Sometimes vulns aren't immediately fixable
- # env:
- # SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+ - name: Create requirements.txt for Snyk
+ run: |
+ uv pip freeze > requirements.txt
+
+ - name: Snyk SAST Scan
+ uses: snyk/actions/python@master
+ env:
+ SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+ with:
+ command: snyk
+ args: code test --exclude=.archive
+
+ - name: Snyk Vulnerability Scan
+ uses: snyk/actions/python@master
+ continue-on-error: true # Sometimes vulns aren't immediately fixable
+ env:
+ SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+ with:
+ command: snyk
+ args: test --all-projects --exclude=.archive
+
+ # - name: Trivy Setup
+ # uses: aquasecurity/setup-trivy@v0.2.0
 # with:
- # command: snyk
- # args: test --all-projects
+ # cache: true
+ # version: v0.61.1
- - name: Manual Trivy Setup
- uses: aquasecurity/setup-trivy@v0.2.0
- with:
- cache: true
- version: v0.61.1
-
- - name: Trivy Vulnerability Scan
- uses: aquasecurity/trivy-action@master
- with:
- skip-setup-trivy: true
- scan-type: "fs"
- scan-ref: "${{ gitea.workspace }}"
- exit-code: "1"
- ignore-unfixed: true
- format: "table"
- severity: "CRITICAL,HIGH,MEDIUM"
- scanners: "vuln,secret,misconfig,license"
+ # - name: Trivy Vulnerability Scan
+ # uses: aquasecurity/trivy-action@master
+ # with:
+ # skip-setup-trivy: true
+ # scan-type: "fs"
+ # scan-ref: "${{ gitea.workspace }}"
+ # exit-code: "1"
+ # ignore-unfixed: true
+ # format: "table"
+ # severity: "CRITICAL,HIGH,MEDIUM"
+ # scanners: "vuln,secret,misconfig,license"
 # - name: Trivy Vulnerability Scan (Docker)
 # uses: aquasecurity/trivy-action@master
diff --git a/.gitignore b/.gitignore
index 9e15164..82c307e 100644
--- a/.gitignore
+++ b/.gitignore
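Review bot: Both new Snyk steps run `snyk/actions/python@master` — a mutable branch ref — and hand it `SNYK_TOKEN`, so anyone who can push to that branch can run code with the secret in this pipeline; pin the action to a full commit SHA instead, e.g. `uses: snyk/actions/python@<40-char-sha>  # <release or date>`, on both steps. Commenting out the Trivy step also drops the `secret`, `misconfig` and `license` scanners it ran, which neither `snyk code test` (SAST) nor `snyk test` (dependency SCA) provides, so the repo no longer gets secret detection in CI; if the removal is temporary, say so in a comment above the commented block, e.g. `# Trivy disabled: <reason>; re-enable to restore secret/misconfig/license scanning`. Note that the SAST step has no `continue-on-error`, so any Snyk Code finding now fails the pipeline while dependency findings do not — fine if intended, but worth stating in a comment next to it.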
@@ -27,6 +27,7 @@ share/python-wheels/
 *.egg
 MANIFEST
 .pdm-build/
+requirements*.txt
 # PyInstaller
 # Usually these files are written by a python script from a template
@@ -136,3 +137,6 @@ dmypy.json
 # IDE
 .vscode
 .idea
+
+# Other
+.dccache
diff --git a/app/commands/submit_task.py b/app/commands/submit_task.py
index 6197f47..e9b5be7 100644
--- a/app/commands/submit_task.py
+++ b/app/commands/submit_task.py
@@ -4,16 +4,8 @@ import logging
 from webex_bot.models.command import Command
 from webex_bot.models.response import Response, response_from_adaptive_card
-from webexpythonsdk.models.cards import (
- AdaptiveCard,
- Column,
- ColumnSet,
- Date,
- FontSize,
- FontWeight,
- Text,
- TextBlock,
-)
+from webexpythonsdk.models.cards import (AdaptiveCard, Column, ColumnSet, Date,
+ FontSize, FontWeight, Text, TextBlock)
 from webexpythonsdk.models.cards.actions import Submit
 from app.utils.config import config