diff --git a/.github/workflows/cargo_audit.yml b/.github/workflows/cargo_audit.yml
new file mode 100644
index 0000000000000000000000000000000000000000..94b00f6ea242df015e54d4cb33abfb4be1041183
--- /dev/null
+++ b/.github/workflows/cargo_audit.yml
@@ -0,0 +1,24 @@
+name: Security audit
+on:
+  schedule:
+    - cron: '0 0 * * *'
+jobs:
+  audit:
+    runs-on: ubuntu-18.04
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions-rs/toolchain@v1
+        with:
+          toolchain: nightly
+          target: thumbv7em-none-eabi
+          override: true
+      - uses: actions/setup-python@v1
+        with:
+          python-version: 3.7
+      - name: Install Python dependencies
+        run: python -m pip install --upgrade pip setuptools wheel
+      - name: Set up OpenSK
+        run: ./setup.sh
+      - uses: actions-rs/audit-check@v1
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/cargo_check.yml b/.github/workflows/cargo_check.yml
index e509a420bcd8a0aaacc232421fdbbb1dbd31325a..9697b373bb24d8e85e1a3ea745d5baa3fa6cce32 100644
--- a/.github/workflows/cargo_check.yml
+++ b/.github/workflows/cargo_check.yml
@@ -14,7 +14,7 @@ on:
 
 jobs:
   cargo_check:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-18.04
     steps:
       - uses: actions/checkout@v2
       - uses: actions-rs/toolchain@v1
diff --git a/.github/workflows/cargo_fmt.yml b/.github/workflows/cargo_fmt.yml
index 177989f328a89466bb28a2d7032a9cf5c10c167d..324b4755c7fbd5975bb7e8eea2684fe3c75eea5d 100644
--- a/.github/workflows/cargo_fmt.yml
+++ b/.github/workflows/cargo_fmt.yml
@@ -14,7 +14,7 @@ on:
 
 jobs:
   cargo_format:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-18.04
     steps:
       - uses: actions/checkout@v2
       - uses: actions-rs/toolchain@v1
diff --git a/.github/workflows/mdlint.yml b/.github/workflows/mdlint.yml
index 1c8a4d5df678201aab2035813b1a47032562d817..c697e0c3422041fa50b7b23f6836b9a8847abccd 100644
--- a/.github/workflows/mdlint.yml
+++ b/.github/workflows/mdlint.yml
@@ -10,11 +10,12 @@ on:
 
 jobs:
   mdlint:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-18.04
     steps:
       - uses: actions/checkout@v2
       - name: markdownlint-cli
         uses: nosborn/github-action-markdown-cli@v1.1.1
         with:
           files: '**/*.md'
+          ignore_files: "third_party/*"
           config_file: ".markdownlint.json"
diff --git a/.github/workflows/pylint.yml b/.github/workflows/python.yml
similarity index 53%
rename from .github/workflows/pylint.yml
rename to .github/workflows/python.yml
index 08c1f04b1ed044f60656c5be111c031fd6e825a6..dc739b8b71234fd0a7e507e3e8ae4a774eaaf218 100644
--- a/.github/workflows/pylint.yml
+++ b/.github/workflows/python.yml
@@ -9,7 +9,7 @@ on:
     types: [opened, synchronize, reopened]
 jobs:
   pylint:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-18.04
     strategy:
       matrix:
         python-version: [3.6, 3.7, 3.8]
@@ -26,4 +26,19 @@ jobs:
       - name: Test code with pylint
         run: |
           pip install pylint
-          pylint --rcfile=.pylintrc `find . -maxdepth 1 -type f -name '*.py'`
+          pylint --rcfile=.pylintrc --score=n `find . ! -path "./third_party/*" -type f -name '*.py'`
+
+  yapf:
+    runs-on: ubuntu-18.04
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Python 3.7
+        uses: actions/setup-python@v1
+        with:
+          python-version: 3.7
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip setuptools wheel
+          pip install yapf
+      - name: Test code formatting with yapf
+        run: yapf --style=chromium --recursive --exclude third_party --diff .