diff --git a/remediation/workflow/pin/pinactions.go b/remediation/workflow/pin/pinactions.go
index 531667fd..0b66e63a 100644
--- a/remediation/workflow/pin/pinactions.go
+++ b/remediation/workflow/pin/pinactions.go
@@ -52,7 +52,7 @@ func PinAction(action, inputYaml string, exemptedActions []string, pinToImmutabl
 	tagOrBranch := leftOfAt[1]
 
 	// skip pinning for exempted actions
-	if actionExists(leftOfAt[0], exemptedActions) {
+	if ActionExists(leftOfAt[0], exemptedActions) {
 		return inputYaml, updated
 	}
 
@@ -196,7 +196,7 @@ func getSemanticVersion(client *github.Client, owner, repo, tagOrBranch, commitS
 }
 
 // Function to check if an action matches any pattern in the list
-func actionExists(actionName string, patterns []string) bool {
+func ActionExists(actionName string, patterns []string) bool {
 	for _, pattern := range patterns {
 		// Use filepath.Match to match the pattern
 		matched, err := filepath.Match(pattern, actionName)
diff --git a/remediation/workflow/secureworkflow.go b/remediation/workflow/secureworkflow.go
index f6246b4f..8ba27190 100644
--- a/remediation/workflow/secureworkflow.go
+++ b/remediation/workflow/secureworkflow.go
@@ -85,6 +85,9 @@ func SecureWorkflow(queryStringParams map[string]string, inputYaml string, svc d
 	}
 
 	if addHardenRunner {
+		if pin.ActionExists(HardenRunnerActionPath, exemptedActions) {
+			pinActions = false
+		}
 		secureWorkflowReponse.FinalOutput, addedHardenRunner, _ = hardenrunner.AddAction(secureWorkflowReponse.FinalOutput, HardenRunnerActionPathWithTag, pinActions, pinToImmutable)
 	}
 
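Review bot: Exporting actionExists as ActionExists leaves it with a comment that does not follow Go's doc-comment convention for exported identifiers; the `// Function to check if an action matches any pattern in the list` line above the new signature should start with the name, e.g. `// ActionExists reports whether actionName matches any glob pattern in patterns, using filepath.Match semantics.` Since the function is now part of the package API, the comment should also state how a malformed pattern is handled, which depends on the err handling after the filepath.Match call that continues outside the hunk. Without that, callers in other packages (such as the new use in secureworkflow.go) cannot tell whether a bad exemption pattern silently fails to match or aborts matching.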
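Review bot: The new exemption check mutates the function-scoped pinActions rather than a value local to the harden-runner step, so if pinActions is consulted again later in SecureWorkflow (the function body continues past this hunk), an exempted harden-runner would also disable pinning for whatever follows. Scoping the decision to this one call avoids that: `pinHardenRunner := pinActions && !pin.ActionExists(HardenRunnerActionPath, exemptedActions)` and then passing `pinHardenRunner` instead of `pinActions` to hardenrunner.AddAction. A one-line comment on the new branch would also make the security-relevant consequence explicit, e.g. `// exempted actions keep their tag reference instead of being pinned`, since a reader otherwise sees only a flag being cleared.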