diff --git a/src/macaron/malware_analyzer/pypi_heuristics/sourcecode/pypi_sourcecode_analyzer.py b/src/macaron/malware_analyzer/pypi_heuristics/sourcecode/pypi_sourcecode_analyzer.py
index a7924f98a..c742cf2b1 100644
--- a/src/macaron/malware_analyzer/pypi_heuristics/sourcecode/pypi_sourcecode_analyzer.py
+++ b/src/macaron/malware_analyzer/pypi_heuristics/sourcecode/pypi_sourcecode_analyzer.py
@@ -115,7 +115,7 @@ def _load_defaults(self, resources_path: str) -> tuple[str, str | None]:
 logger.debug(error_msg)
 raise ConfigurationError(error_msg)
- semgrep_commands: list[str] = ["semgrep", "scan", "--validate", "--config", custom_rule_path]
+ semgrep_commands: list[str] = ["semgrep", "scan", "--validate", "--oss-only", "--config", custom_rule_path]
 try:
 process = subprocess.run(semgrep_commands, check=True, capture_output=True) # nosec
 except (subprocess.CalledProcessError, subprocess.TimeoutExpired) as semgrep_error:
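Review bot: The `except` clause right after the changed line catches `subprocess.TimeoutExpired`, but `subprocess.run` is called without `timeout=`, so that handler can never fire and a stalled `semgrep scan --validate` would block the analyzer indefinitely. Passing a bound, e.g. `process = subprocess.run(semgrep_commands, check=True, capture_output=True, timeout=SEMGREP_TIMEOUT)  # nosec` (`SEMGREP_TIMEOUT` is a placeholder for a project-chosen value), would make the handler reachable. The new `--oss-only` flag also deserves a one-line comment saying why it is needed, such as `# --oss-only: validate with the open-source engine only, regardless of any Semgrep Pro setting`. If the file builds the actual scan command separately, it presumably wants the same flag so that validation and scanning use the same engine. `_load_defaults` starts and ends outside this hunk, so the handler body is not visible here.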