diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
index 6082527b..24485f50 100644
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -1,5 +1,7 @@
-- [ ] All [tests](https://github.com/jfrog/jfrog-cli-security#tests) passed. If this feature is not already covered by the tests, I added new tests.
+- [ ] The pull request is targeting the `dev` branch.
+- [ ] The code has been validated to compile successfully by running `go vet ./...`.
+- [ ] The code has been formatted properly using `go fmt ./...`.
 - [ ] All [static analysis checks](https://github.com/jfrog/jfrog-cli-security/actions/workflows/analysis.yml) passed.
-- [ ] This pull request is on the dev branch.
-- [ ] I used gofmt for formatting the code before submitting the pull request.
------
+- [ ] All [tests](https://github.com/jfrog/jfrog-cli-security/actions/workflows/test.yml) have passed. If this feature is not already covered by the tests, new tests have been added.
+
+-----
\ No newline at end of file
diff --git a/.github/workflows/removeLabel.yml b/.github/workflows/removeLabel.yml
new file mode 100644
index 00000000..67be7e8d
--- /dev/null
+++ b/.github/workflows/removeLabel.yml
@@ -0,0 +1,18 @@
+name: Remove Label
+on:
+  pull_request_target:
+    types: [labeled]
+# Ensures that only the latest commit is running for each PR at a time.
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}-${{ github.ref }}
+  cancel-in-progress: true
+jobs:
+  Remove-Label:
+    if: contains(github.event.pull_request.labels.*.name, 'safe to test')
+    name: Remove label
+    runs-on: ubuntu-latest
+    steps:
+      - name: Remove 'safe to test'
+        uses: actions-ecosystem/action-remove-labels@v1
+        with:
+          labels: "safe to test"
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 9a9439fa..00a3be52 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -65,5 +65,9 @@ jobs:
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       # Test
-      - name: Run security tests
-        run: go test -v github.com/jfrog/jfrog-cli-security --timeout 0 --race
+      - name: Run security tests (without Docker Scan)
+        run: go test -v github.com/jfrog/jfrog-cli-security --timeout 0 --test.security --jfrog.url=${{ secrets.PLATFORM_URL }} --jfrog.adminToken=${{ secrets.PLATFORM_ADMIN_TOKEN }} --jfrog.user=${{ secrets.PLATFORM_USER }} --test.containerRegistry=${{ secrets.CONTAINER_REGISTRY }} --ci.runId=${{ runner.os }}-xray
+        if: ${{ matrix.os != 'ubuntu' }}
+      - name: Run security tests (with Docker Scan, only on Ubuntu)
+        run: go test -v github.com/jfrog/jfrog-cli-security --timeout 0 --test.security --test.dockerScan --jfrog.url=${{ secrets.PLATFORM_URL }} --jfrog.adminToken=${{ secrets.PLATFORM_ADMIN_TOKEN }} --test.containerRegistry=${{ secrets.CONTAINER_REGISTRY }} --ci.runId=${{ runner.os }}-xray
+        if: ${{ matrix.os == 'ubuntu' }}