diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml
index 559719a..0d276a1 100644
--- a/.github/workflows/shellcheck.yml
+++ b/.github/workflows/shellcheck.yml
@@ -1,24 +1,11 @@
 name: shellcheck
 
-on:
-  push:
-    branches: [master, develop]
-  pull_request:
-    branches: [master]
+on: pull_request
 
 jobs:
-  Shellcheck:
-    name: Shellcheck
+  test:
     runs-on: ubuntu-latest
-
     steps:
-      - name: Code checkout
-        uses: actions/checkout@v2
-
-      - name: Check scripts with Shellcheck
-        uses: essentialkaos/shellcheck-action@v1
-        with:
-          files: hetzner-debian10-zfs-setup.sh hetzner-debian11-zfs-setup.sh hetzner-ubuntu18-zfs-setup.sh hetzner-ubuntu20-zfs-setup.sh 
-          severity: error
-          format: gcc
-          shell: bash
\ No newline at end of file
+    - uses: actions/checkout@v2
+    - name: Run shellcheck
+      run: ci/run_shellcheck.sh
\ No newline at end of file
diff --git a/ci/run_shellcheck.sh b/ci/run_shellcheck.sh
new file mode 100644
index 0000000..dc95072
--- /dev/null
+++ b/ci/run_shellcheck.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+set -o pipefail
+set -o errexit
+set -o nounset
+set -o errtrace
+shopt -s inherit_errexit
+
+# Always download the latest version:
+#
+# - it's fast and stable enough not to worry about it;
+# - the workflow is basically single-person, so there's no risk of a new dev encountering an error found
+#   by a new shellcheck version.
+
+mkdir -p /opt/shellcheck
+
+wget -qO- https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.linux.x86_64.tar.xz \
+  | tar xJv -O shellcheck-stable/shellcheck \
+  > /opt/shellcheck/shellcheck
+
+chmod +x /opt/shellcheck/shellcheck
+
+/opt/shellcheck/shellcheck --version
+
+grep -lZP '^#!/bin/\w+sh' -R | xargs -0 /opt/shellcheck/shellcheck
\ No newline at end of file