diff --git a/docs/build-workflow.md b/docs/build-workflow.md
index 379cb5b..b44b227 100644
--- a/docs/build-workflow.md
+++ b/docs/build-workflow.md
@@ -224,7 +224,7 @@ jobs:
 
 ```bash
 cosign verify \
-  --certificate-identity-regexp="^https://github.com/LerianStudio/.*/.github/workflows/.*@refs/heads/.*$" \
+  --certificate-identity-regexp="^https://github\.com/LerianStudio/.+/.github/workflows/.+@refs/(heads|tags)/.+$" \
   --certificate-oidc-issuer="https://token.actions.githubusercontent.com" \
   docker.io/lerianstudio/my-app@sha256:abc123...
 ```
diff --git a/docs/go-release-workflow.md b/docs/go-release-workflow.md
index e8b5a2d..d8d1fc4 100644
--- a/docs/go-release-workflow.md
+++ b/docs/go-release-workflow.md
@@ -204,7 +204,7 @@ jobs:
 
 ```bash
 cosign verify \
-  --certificate-identity-regexp="^https://github.com/LerianStudio/.*/.github/workflows/.*@refs/heads/.*$" \
+  --certificate-identity-regexp="^https://github\.com/LerianStudio/.+/.github/workflows/.+@refs/(heads|tags)/.+$" \
   --certificate-oidc-issuer="https://token.actions.githubusercontent.com" \
   ghcr.io/myorg/my-app@sha256:abc123...
 ```
diff --git a/docs/typescript-build.md b/docs/typescript-build.md
index b8bdffd..aab3b88 100644
--- a/docs/typescript-build.md
+++ b/docs/typescript-build.md
@@ -231,7 +231,7 @@ jobs:
 
 ```bash
 cosign verify \
-  --certificate-identity-regexp="^https://github.com/LerianStudio/.*/.github/workflows/.*@refs/heads/.*$" \
+  --certificate-identity-regexp="^https://github\.com/LerianStudio/.+/.github/workflows/.+@refs/(heads|tags)/.+$" \
   --certificate-oidc-issuer="https://token.actions.githubusercontent.com" \
   ghcr.io/lerianstudio/my-app@sha256:abc123...
 ```
diff --git a/src/security/cosign-sign/README.md b/src/security/cosign-sign/README.md
index 1bf4fbb..d107920 100644
--- a/src/security/cosign-sign/README.md
+++ b/src/security/cosign-sign/README.md
@@ -64,7 +64,7 @@ jobs:
 
 ```bash
 cosign verify \
-  --certificate-identity-regexp="^https://github.com/LerianStudio/.*/.github/workflows/.*@refs/heads/.*$" \
+  --certificate-identity-regexp="^https://github\.com/LerianStudio/.+/.github/workflows/.+@refs/(heads|tags)/.+$" \
   --certificate-oidc-issuer="https://token.actions.githubusercontent.com" \
   docker.io/myorg/myapp@sha256:abc123...
 ```