diff --git a/.woodpecker/ansible-lint.yml b/.woodpecker/ansible-lint.yml
index f9684613..b57eb0f9 100644
--- a/.woodpecker/ansible-lint.yml
+++ b/.woodpecker/ansible-lint.yml
@@ -1,6 +1,8 @@
 ---
 depends_on:
   - gitleaks
+  - lint
+
 steps:
   ansible-lint:
     image: quay.io/ansible/creator-ee@sha256:90298d88bc38f057e199523b8143c2c4cf9c159547ef93cf62d8861390c5600a
diff --git a/.woodpecker/lint.yml b/.woodpecker/lint.yml
new file mode 100644
index 00000000..851456c4
--- /dev/null
+++ b/.woodpecker/lint.yml
@@ -0,0 +1,26 @@
+---
+steps:
+  gitleaks:
+    image: zricethezav/gitleaks:v8.18.1@sha256:6945c62ca019ead32bc337ab0c9fd055e98d82961765d38b7ccccc84dae95d0f
+    commands:
+      - gitleaks detect --no-git --verbose --source $CI_WORKSPACE
+    when:
+      event:
+        exclude:
+          - tag
+
+  shellcheck:
+    image: registry.mgrote.net/allzweckcontainer
+    commands:
+      - |
+        find . -type f -not -path './.git/*' -not -path './collections/*' -not -path './friedhof/*' -exec file {} \; | while IFS= read -r line; do
+          if echo "$line" | grep -q "shell script"; then
+            file_path=$(echo "$line" | awk -F':' '{print $1}')
+            shellcheck "$file_path"
+          fi
+        done
+    when:
+      event:
+        exclude:
+          - tag
+...