diff --git a/docs/user/actions/security.md b/docs/user/actions/security.md
index 3c0cb057..ade247f6 100644
--- a/docs/user/actions/security.md
+++ b/docs/user/actions/security.md
@@ -67,9 +67,9 @@ When using Actions, keep in mind the following considerations:
 
 - Carefully review changes to the workflows, and only approve workflows from trusted users.
 - Prefer `on.pull_request_target` over `on.pull_request` whenever possible.
-- Block users that aren't trusted to prevent them from running malicous workflows through PRs.
+- Block users that aren't trusted to prevent them from running malicious workflows through PRs.
 
 ### Secrets
 
 - Use the [secrets feature](../basic-concepts/#secrets) to store API tokens and passwords for use in workflows.
-- Do not print secrets to output, as these may be publically visible.
+- Do not print secrets to output, as these may be publicly visible.