diff --git a/.github/workflows/add-asana-comment.yml b/.github/workflows/add-asana-comment.yml
new file mode 100644
index 0000000..aaa3f6d
--- /dev/null
+++ b/.github/workflows/add-asana-comment.yml
@@ -0,0 +1,16 @@
+name: Asana
+
+on:
+  pull_request:
+    types: [opened]
+
+jobs:
+  link-asana-task:
+    if: ${{ github.actor != 'dependabot[bot]' }}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: Asana/create-app-attachment-github-action@v1.3
+        id: postAttachment
+        with:
+          asana-secret: ${{ secrets.ASANA_API_ACCESS_KEY }}
+      - run: echo "Status is ${{ steps.postAttachment.outputs.status }}"
diff --git a/.github/workflows/example.yaml b/.github/workflows/example.yaml
index 2dfa189..69267a5 100644
--- a/.github/workflows/example.yaml
+++ b/.github/workflows/example.yaml
@@ -23,6 +23,7 @@ jobs:
           wiz-client-secret: ${{ secrets.WIZ_CLIENT_SECRET }}
           wiz-api-endpoint-url: ${{ vars.WIZ_API_ENDPOINT_URL }}
           image: statsd/statsd:v0.9.0 # has many, many CVEs
+          custom-policies: tvm_automation_policy
           fail: false
           pull: true