diff --git a/.github/workflows/third_party_scan.yml b/.github/workflows/third_party_scan.yml
index 444320232d5b5..e70b52cd72b78 100644
--- a/.github/workflows/third_party_scan.yml
+++ b/.github/workflows/third_party_scan.yml
@@ -15,7 +15,7 @@ jobs:
     name: Vulnerability scanning
     runs-on: ubuntu-20.04
     # run on flutter/engine push to main or PRs with 'vulnerability patch' label 
-    if: ${{  github.repository == 'flutter/engine' && (github.event_name == 'push' || github.event.label.name == 'vulnerability scan') }}
+    if: ${{  (github.repository == 'flutter/engine' && github.event_name == 'push') || github.event.label.name == 'vulnerability scan' }}
     permissions:
       # Needed to upload the SARIF results to code-scanning dashboard.
       security-events: write