diff --git a/.github/workflows/ci-workflow.yml b/.github/workflows/ci-workflow.yml
index 9ae8086..5c2c5b3 100644
--- a/.github/workflows/ci-workflow.yml
+++ b/.github/workflows/ci-workflow.yml
@@ -82,6 +82,26 @@ jobs:
           name: ethereum_nanox
           path: ./ethereum_nanox.elf
 
+  scan-build:
+    name: Clang Static Analyzer
+    runs-on: ubuntu-latest
+
+    container:
+      image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder:latest
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Build with Clang Static Analyzer
+        run: |
+          make clean
+          scan-build --use-cc=clang -analyze-headers -enable-checker security -enable-checker unix -enable-checker valist -o scan-build --status-bugs make default
+      - uses: actions/upload-artifact@v2
+        if: failure()
+        with:
+          name: scan-build
+          path: scan-build
+
   jobs-e2e-tests:
     needs: [job_build_debug_nano_s, job_build_debug_nano_x]
     runs-on: ubuntu-latest