diff --git a/ql/test/query-tests/Security/CWE-571/.github/workflows/test.yml b/ql/test/query-tests/Security/CWE-571/.github/workflows/test.yml
index 30c4dcab932..4ed45ff973e 100644
--- a/ql/test/query-tests/Security/CWE-571/.github/workflows/test.yml
+++ b/ql/test/query-tests/Security/CWE-571/.github/workflows/test.yml
@@ -1,12 +1,12 @@
-name: Conditionally process PR
+name: Event
 
 on:
-  pull_request_target:
-    types: [opened, synchronize, reopened]
+  workflow_dispatch:
 
 jobs:
-  process-pr:
+  if-tests:
     runs-on: ubuntu-latest
+    permissions: {}
     steps:
       - name: Test 1 
         if: 1 == 2
@@ -36,10 +36,10 @@ jobs:
       - name: Test 7
         run: echo "Test 7 should not be printed"
         if: ${{ 
-              github.actor == 'torvalds' || 
-              github.actor == 'dependabot[bot]'
+              1 == 2 ||
+              3 == 4
           }}
-
+          
       - name: Test 8
         run: echo "Test 8 should not be printed"
         if: > 
@@ -87,3 +87,25 @@ jobs:
             false || 1 == 2
           )}}
         run: echo "Test 17 should not be printed"
+      - name: Test 18
+        if: ${{ github.event_name }} == 'foo'
+        run: echo "Test 18 should not be printed"
+      - name: Test 19
+        if: ${{ contains(fromJSON('["OWNER", "MEMBER"]'), github.event.pull_request.author_association )}} || github.actor == 'renovate[bot]'
+        run: echo "Test 19 should not be printed"
+      - name: Test 20
+        if: ${{ hashFiles('./docker/Dockerfile.debian') }} != ""
+        run: echo "Test 20 should not be printed"
+      - name: Test 21
+        if: >
+          ${{ github.event.workflow_run.event == 'pull_request' &&
+          github.event.workflow_run.conclusion == 'success' }}
+        run: echo "Test 21 should not be printed"
+      - name: Test 22
+        if: |
+          runner.os == 'Windows' && (
+            startsWith(inputs.node, 'v10.') ||
+            startsWith(inputs.node, 'v12.') ||
+            startsWith(inputs.node, 'v14.')
+          )
+        run: echo "Test 22 should not be printed"
diff --git a/ql/test/query-tests/Security/CWE-571/ExpressionIsAlwaysTrue.expected b/ql/test/query-tests/Security/CWE-571/ExpressionIsAlwaysTrue.expected
index a8f068c9cd8..d4c16131cc2 100644
--- a/ql/test/query-tests/Security/CWE-571/ExpressionIsAlwaysTrue.expected
+++ b/ql/test/query-tests/Security/CWE-571/ExpressionIsAlwaysTrue.expected
@@ -5,3 +5,7 @@
 | .github/workflows/test.yml:59:15:59:31 | " ${{ 1 == 2  }}" | Expression always evaluates to true |
 | .github/workflows/test.yml:79:13:82:14 | \|+ | Expression always evaluates to true |
 | .github/workflows/test.yml:85:13:88:14 | >+ | Expression always evaluates to true |
+| .github/workflows/test.yml:91:13:91:45 | ${{ git ... = 'foo' | Expression always evaluates to true |
+| .github/workflows/test.yml:94:13:94:141 | ${{ con ... e[bot]' | Expression always evaluates to true |
+| .github/workflows/test.yml:97:13:97:64 | ${{ has ... } != "" | Expression always evaluates to true |
+| .github/workflows/test.yml:100:13:102:63 | > | Expression always evaluates to true |