diff --git a/actions/setup/js/add_comment.cjs b/actions/setup/js/add_comment.cjs
index 4d0e8d54aa3..7c8ce5a9597 100644
--- a/actions/setup/js/add_comment.cjs
+++ b/actions/setup/js/add_comment.cjs
@@ -528,7 +528,7 @@ async function main(config = {}) {
 if (includeFooter) {
 // When footer is enabled, add full footer with attribution and XML markers
- processedBody += generateFooterWithMessages(workflowName, runUrl, workflowSource, workflowSourceURL, triggeringIssueNumber, triggeringPRNumber, triggeringDiscussionNumber, historyUrl).trimEnd();
+ processedBody += "\n\n" + generateFooterWithMessages(workflowName, runUrl, workflowSource, workflowSourceURL, triggeringIssueNumber, triggeringPRNumber, triggeringDiscussionNumber, historyUrl).trimEnd();
 } else {
 // When footer is disabled, only add XML marker for searchability (no visible attribution text)
 processedBody += "\n\n" + generateXMLMarker(workflowName, runUrl);
diff --git a/actions/setup/js/add_comment.test.cjs b/actions/setup/js/add_comment.test.cjs
index 5d22ba1d46b..9bcd6bd5a49 100644
--- a/actions/setup/js/add_comment.test.cjs
+++ b/actions/setup/js/add_comment.test.cjs
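Review bot: The added `"\n\n"` only guarantees the footer starts a new Markdown block when `processedBody` ends in a clean paragraph; a body that ends inside an unterminated ``` fence would still swallow the `> [!CAUTION]` footer into the code block, rendering the security warning as plain text, and whether the upstream sanitizer already balances fences is not visible in this hunk. Since the footer is the trust signal readers rely on, consider closing an odd fence count before either append: `if ((processedBody.match(/^```/gm) || []).length % 2 === 1) processedBody += "\n```";`. Both branches now prepend the same separator, so it could be hoisted into one statement: `processedBody += "\n\n" + (includeFooter ? generateFooterWithMessages(workflowName, runUrl, workflowSource, workflowSourceURL, triggeringIssueNumber, triggeringPRNumber, triggeringDiscussionNumber, historyUrl).trimEnd() : generateXMLMarker(workflowName, runUrl));`. The enclosing `main()` starts and ends outside this hunk.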
@@ -1882,6 +1882,44 @@ describe("add_comment", () => {
 delete process.env.GH_AW_WORKFLOW_NAME;
 });
+ it("should add a blank line before injected security scanning caution footer", async () => {
+ const addCommentScript = fs.readFileSync(path.join(__dirname, "add_comment.cjs"), "utf8");
+
+ process.env.GH_AW_WORKFLOW_NAME = "Security Test Workflow";
+ process.env.GH_AW_DETECTION_CONCLUSION = "warning";
+ process.env.GH_AW_DETECTION_REASON = "threat_detected";
+
+ let capturedBody = null;
+ mockGithub.rest.issues.createComment = async params => {
+ capturedBody = params.body;
+ return {
+ data: {
+ id: 12345,
+ html_url: "https://github.com/owner/repo/issues/42#issuecomment-12345",
+ },
+ };
+ };
+
+ const handler = await eval(`(async () => { ${addCommentScript}; return await main({}); })()`);
+
+ const message = {
+ type: "add_comment",
+ body: "Comment body for warning case",
+ };
+
+ const result = await handler(message, {});
+
+ expect(result.success).toBe(true);
+ expect(capturedBody).toContain("Comment body for warning case\n\n> [!CAUTION]");
+ expect(capturedBody).toContain("**Security scanning requires review**");
+ expect(capturedBody).toContain("> Generated by [Security Test Workflow]");
+ expect(capturedBody).toMatch(/> \[!CAUTION\][\s\S]*\n\n> Generated by \[Security Test Workflow\]/);
+
+ delete process.env.GH_AW_WORKFLOW_NAME;
+ delete process.env.GH_AW_DETECTION_CONCLUSION;
+ delete process.env.GH_AW_DETECTION_REASON;
+ });
+
 it("should sanitize user content but preserve system markers", async () => {
 const addCommentScript = fs.readFileSync(path.join(__dirname, "add_comment.cjs"), "utf8");
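Review bot: The three `delete process.env.*` lines at the end of the new test run only when every `expect` before them passes, so a single failing assertion leaves `GH_AW_DETECTION_CONCLUSION="warning"` and `GH_AW_DETECTION_REASON` set and later tests in this file would get the caution footer injected and fail for the wrong reason. Wrap the body in `try { … } finally { delete process.env.GH_AW_WORKFLOW_NAME; delete process.env.GH_AW_DETECTION_CONCLUSION; delete process.env.GH_AW_DETECTION_REASON; }` or move the cleanup into an `afterEach`, whichever the surrounding tests already use (their setup is outside this hunk). The production change prepends the separator on every `includeFooter` path, not only the detection-warning one, so a second case with the detection variables unset that asserts the plain `\n\n> Generated by [Security Test Workflow]` boundary would pin the common path; confirm the plain footer's exact prefix against `generateFooterWithMessages` first. A one-line comment above the env setup, such as `// GH_AW_DETECTION_CONCLUSION=warning presumably makes the footer emit the [!CAUTION] block — the test depends on that`, would make it clear why these two variables are the fixture for this case.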