diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 398abc4..8084826 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -25,8 +25,13 @@ jobs:
         with:
           go-version: "1.23"
 
-      - name: Install libpcap
-        run: ${{ matrix.install }}
+      - name: Install libpcap (Linux)
+        if: runner.os == 'Linux'
+        run: sudo apt-get update && sudo apt-get install -y libpcap-dev
+
+      - name: Install libpcap (macOS)
+        if: runner.os == 'macOS'
+        run: brew install libpcap
 
       - name: Run tests
         run: make test
diff --git a/.github/workflows/gitleaks.yaml b/.github/workflows/gitleaks.yaml
index 8f0992c..340564f 100644
--- a/.github/workflows/gitleaks.yaml
+++ b/.github/workflows/gitleaks.yaml
@@ -19,12 +19,13 @@ jobs:
           persist-credentials: false
       - name: Set scan range
         id: range
+        env:
+          EVENT: ${{ github.event_name }}
+          BASE_SHA: ${{ github.event.pull_request.base.sha }}
+          BEFORE_SHA: ${{ github.event.before }}
+          FORCED: ${{ github.event.forced }}
         run: |
           NULL_SHA="0000000000000000000000000000000000000000"
-          EVENT="${{ github.event_name }}"
-          BASE_SHA="${{ github.event.pull_request.base.sha }}"
-          BEFORE_SHA="${{ github.event.before }}"
-          FORCED="${{ github.event.forced }}"
           if [ "$EVENT" = "pull_request" ] && [ -n "$BASE_SHA" ]; then
             echo "log_opts=${BASE_SHA}..HEAD" >> $GITHUB_OUTPUT
           elif [ "$EVENT" = "push" ] && [ "$FORCED" \!= "true" ] && [ -n "$BEFORE_SHA" ] && [ "$BEFORE_SHA" \!= "$NULL_SHA" ]; then
diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml
index 2778c74..9016550 100644
--- a/.github/workflows/release-please.yml
+++ b/.github/workflows/release-please.yml
@@ -62,11 +62,15 @@ jobs:
           CGO_ENABLED: "1"
           GOOS: ${{ matrix.goos }}
           GOARCH: ${{ matrix.goarch }}
+          TAG_NAME: ${{ needs.release-please.outputs.tag_name }}
         run: |
           mkdir -p bin
-          go build -ldflags="-s -w -X main.version=${{ needs.release-please.outputs.tag_name }}" -o bin/agentsonar-${{ matrix.goos }}-${{ matrix.goarch }} ./cmd/agentsonar
+          go build -ldflags="-s -w -X main.version=$TAG_NAME" -o "bin/agentsonar-${GOOS}-${GOARCH}" ./cmd/agentsonar
 
       - name: Upload to release
         env:
           GH_TOKEN: ${{ github.token }}
-        run: gh release upload ${{ needs.release-please.outputs.tag_name }} bin/agentsonar-${{ matrix.goos }}-${{ matrix.goarch }}
+          TAG_NAME: ${{ needs.release-please.outputs.tag_name }}
+          GOOS: ${{ matrix.goos }}
+          GOARCH: ${{ matrix.goarch }}
+        run: gh release upload "$TAG_NAME" "bin/agentsonar-${GOOS}-${GOARCH}"
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 9f20c0b..eb77280 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -54,7 +54,7 @@ jobs:
           VERSION: ${{ github.event.release.tag_name || github.ref_name }}
         run: |
           mkdir -p bin
-          go build -ldflags="-s -w -X main.version=$VERSION" -o bin/agentsonar-${{ matrix.goos }}-${{ matrix.goarch }} ./cmd/agentsonar
+          go build -ldflags="-s -w -X main.version=$VERSION" -o "bin/agentsonar-${GOOS}-${GOARCH}" ./cmd/agentsonar
 
       - name: Upload artifact
         uses: actions/upload-artifact@v4