diff --git a/.github/workflows/static-analysis-report.lock.yml b/.github/workflows/static-analysis-report.lock.yml
index 7c767e5cb0f..c7b0add88b6 100644
--- a/.github/workflows/static-analysis-report.lock.yml
+++ b/.github/workflows/static-analysis-report.lock.yml
@@ -122,6 +122,10 @@ jobs:
 GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 name: Start MCP server
 run: "set -e\n./gh-aw mcp-server --cmd ./gh-aw --port 8765 &\nMCP_PID=$!\n\n# Wait a moment for server to start\nsleep 2\n\n# Check if server is still running\nif ! kill -0 $MCP_PID 2>/dev/null; then\n echo \"MCP server failed to start\"\n exit 1\nfi\n\necho \"MCP server started successfully with PID $MCP_PID\"\n"
+ - name: Pull static analysis Docker images
+ run: "set -e\necho \"Pulling Docker images for static analysis tools...\"\n\n# Pull zizmor Docker image\necho \"Pulling zizmor image...\"\ndocker pull ghcr.io/zizmorcore/zizmor:latest\n\n# Pull poutine Docker image\necho \"Pulling poutine image...\"\ndocker pull ghcr.io/boostsecurityio/poutine:latest\n\necho \"All static analysis Docker images pulled successfully\"\n"
+ - name: Verify static analysis tools
+ run: "set -e\necho \"Verifying static analysis tools are available...\"\n\n# Verify zizmor\necho \"Testing zizmor...\"\ndocker run --rm ghcr.io/zizmorcore/zizmor:latest --version || echo \"Warning: zizmor version check failed\"\n\n# Verify poutine\necho \"Testing poutine...\"\ndocker run --rm ghcr.io/boostsecurityio/poutine:latest --version || echo \"Warning: poutine version check failed\"\n\necho \"Static analysis tools verification complete\""
 # Cache memory file share configuration from frontmatter processed below
 - name: Create cache-memory directory
diff --git a/.github/workflows/static-analysis-report.md b/.github/workflows/static-analysis-report.md
index b10af8f50ed..6de07fc1a1d 100644
--- a/.github/workflows/static-analysis-report.md
+++ b/.github/workflows/static-analysis-report.md
@@ -26,6 +26,35 @@ strict: true
 imports:
 - shared/mcp/gh-aw.md
 - shared/reporting.md
+steps:
+ - name: Pull static analysis Docker images
+ run: |
+ set -e
+ echo "Pulling Docker images for static analysis tools..."
+
+ # Pull zizmor Docker image
+ echo "Pulling zizmor image..."
+ docker pull ghcr.io/zizmorcore/zizmor:latest
+
+ # Pull poutine Docker image
+ echo "Pulling poutine image..."
+ docker pull ghcr.io/boostsecurityio/poutine:latest
+
+ echo "All static analysis Docker images pulled successfully"
+ - name: Verify static analysis tools
+ run: |
+ set -e
+ echo "Verifying static analysis tools are available..."
+
+ # Verify zizmor
+ echo "Testing zizmor..."
+ docker run --rm ghcr.io/zizmorcore/zizmor:latest --version || echo "Warning: zizmor version check failed"
+
+ # Verify poutine
+ echo "Testing poutine..."
+ docker run --rm ghcr.io/boostsecurityio/poutine:latest --version || echo "Warning: poutine version check failed"
+
+ echo "Static analysis tools verification complete"
 ---
 # Static Analysis Report
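Review bot: Both `docker pull` lines in the new `steps:` block fetch mutable `:latest` tags (`ghcr.io/zizmorcore/zizmor:latest`, `ghcr.io/boostsecurityio/poutine:latest`), so the scanners this workflow relies on to audit other workflows are themselves unpinned and non-reproducible; whatever the registry serves under that tag at run time is what gets executed. Pin each image to a release tag plus its content digest, e.g. `docker pull ghcr.io/zizmorcore/zizmor:<release-tag>@sha256:<digest>` (placeholders; take the real values from the registry), and use the same pinned reference on the `docker run` lines of the verify step. Separately, the `|| echo "Warning: ..."` fallbacks on the two `docker run ... --version` lines mean the "Verify static analysis tools" step can never fail despite `set -e`; if verification is meant to gate the job, drop the fallback or `exit 1` after the warning. The same content appears in the `static-analysis-report.lock.yml` hunk, which looks generated from this file and should be regenerated rather than edited by hand.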