diff --git a/.bandit b/.bandit
new file mode 100644
index 000000000..2d81286ae
--- /dev/null
+++ b/.bandit
@@ -0,0 +1,3 @@
+[bandit]
+exclude = tests
+skips = B101
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 4acdba261..b0eb2db49 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -32,3 +32,11 @@ repos:
         [
             'types-PyYAML',
         ]
+-   repo: https://github.com/PyCQA/bandit
+    rev: 1.7.5
+    hooks:
+    -   id: bandit
+        args: [
+            '--ini',
+            '.bandit',
+        ]