diff --git a/pipeline.yml b/pipeline.yml
index 0f6a80f..317cc1e 100644
--- a/pipeline.yml
+++ b/pipeline.yml
@@ -6,8 +6,6 @@ stages:
 variables:
 GO_VERSION: "1.22"
 GOLANGCI_LINT_VERISON: "v1.58.0"
- SYFT_VERSION: "v1.3.0"
- GRYPE_VERSION: "v0.77.2"
 include:
 - project: 'developerdurp/yml'
diff --git a/scripts/scanner/grype-install.sh b/scripts/scanner/grype-install.sh
new file mode 100644
index 0000000..5e3d1a1
--- /dev/null
+++ b/scripts/scanner/grype-install.sh
@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+#%%MULTILINE_YAML_START
+#Syft install
+nix-shell -p grype
diff --git a/scripts/scanner/syft-install.sh b/scripts/scanner/syft-install.sh
new file mode 100644
index 0000000..3d8dabd
--- /dev/null
+++ b/scripts/scanner/syft-install.sh
@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+#%%MULTILINE_YAML_START
+#Syft install
+nix-shell -p syft
diff --git a/templates/codescan.tpl.yml b/templates/codescan.tpl.yml
index 9b960d7..4e8296b 100644
--- a/templates/codescan.tpl.yml
+++ b/templates/codescan.tpl.yml
@@ -1,15 +1,18 @@
 .generate_sbom:
- image: registry.internal.durp.info/anchore/syft:${SYFT_VERSION}
+ image: registry.internal.durp.info/nixos/nix:latest
 script:
+ - ./scripts/scanner/syft-install.sh
 - ./scripts/scanner/syft-mkdir.sh
+ - ./scripts/scanner/syft-go.sh
 artifacts:
 expire_in: 1 hour
 paths:
 - $CI_PROJECT_DIR/syft
 .generate_cve:
- image: registry.internal.durp.info/anchore/grype:${GRYPE_VERSION}
+ image: registry.internal.durp.info/nixos/nix:latest
 script:
+ - ./scripts/scanner/grype-install.sh
 - ./scripts/scanner/grype.sh
 artifacts:
 expire_in: 1 hour
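Review bot: `nix-shell -p grype` is called without `--run`, so it only starts a nested shell that has grype available and then exits; nothing is installed for the later `./scripts/scanner/grype.sh` step, which will likely find no `grype` on PATH (syft-install.sh has the same pattern with `nix-shell -p syft`). Either install into the profile, e.g. `nix-env -iA nixpkgs.grype`, or wrap the scan itself as `nix-shell -p grype --run ./scripts/scanner/grype.sh`. The package is also resolved from whatever nixpkgs revision the image carries, so the scanner version that `GRYPE_VERSION` and `SYFT_VERSION` used to pin now floats; pin it with `-I nixpkgs=<pinned-nixpkgs-tarball-url>`. The header comment in grype-install.sh still reads `#Syft install` and should be `# Grype install`.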
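Review bot: Both `.generate_sbom` and `.generate_cve` now run on `registry.internal.durp.info/nixos/nix:latest`, a mutable tag, where the previous images were pinned through `${SYFT_VERSION}` and `${GRYPE_VERSION}`. The SBOM and CVE output can then change between runs with no change in this repository, and a replaced `latest` image would be pulled without review. Pin the image to a version tag or a digest, e.g. `image: registry.internal.durp.info/nixos/nix@sha256:<digest>`, and keep the scanner versions in one reviewed place. `./scripts/scanner/syft-go.sh` is added to the script list but is not part of this diff, so confirm it exists in the tree and is executable. The `.generate_cve` block continues past the end of the hunk.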