diff --git a/.circleci/config.yml b/.circleci/config.yml
index d21d2c8..358724e 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -79,6 +79,16 @@ jobs:
       - run: *danger-pr
       - run: *fossa-analize
       - save_cache: *cache-modules
+  test-security:
+    <<: *defaults
+    steps:
+      - checkout
+      - restore_cache:
+          <<: *cache-defaults
+      - run: *security
+       - run:
+          name: Security audit for dev-dependencies
+          command: "npm audit"
   test-coverage:
     <<: *defaults
     steps:
@@ -149,6 +159,9 @@ workflows:
     jobs:
       - install:
           context: branches
+      - test-security:
+          requires:
+            - install
       - test-package:
           requires:
             - install
diff --git a/package.json b/package.json
index 0e102a3..0d96f7f 100644
--- a/package.json
+++ b/package.json
@@ -6,9 +6,9 @@
   "scripts": {
     "prepare": "babel src --out-dir ./lib --copy-files && husky install",
     "coveralls": "cat ./reports/coverage/lcov.info | coveralls",
-    "test:security": "npm audit && npm run test:lock",
+    "test:security": "npm audit --production && npm run test:lock",
     "test:lint": "eslint src bin tests --no-error-on-unmatched-pattern",
-    "test:mocha": "mocha  --config .mocharc.json 'tests/**/*test.js'",
+    "test:mocha": "mocha --config .mocharc.json 'tests/**/*test.js'",
     "test:package": "npt test -c .package-tester.json",
     "test:coverage": "BUILD=0 MODE=test nyc mocha --config .mocharc.json 'tests/**/*test.js'",
     "test:debt": "jscpd src --config .jscpd.json",