diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 22d3ece1f..8f72511f7 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -19,8 +19,6 @@ on:
 
 jobs:
   analyze:
-    if: ${{ !github.event.pull_request.draft }}
-
     runs-on: ubuntu-latest
     container: debian:trixie-slim
     timeout-minutes: 20
diff --git a/.github/workflows/sonarcloud-analysis.yml b/.github/workflows/sonarcloud-analysis.yml
index 2000e89c2..10c5260cc 100644
--- a/.github/workflows/sonarcloud-analysis.yml
+++ b/.github/workflows/sonarcloud-analysis.yml
@@ -18,7 +18,9 @@ on:
     branches: [master]
 
 jobs:
-  sonarcloud-analysis:
+  analyze:
+    # This job would fail for contributors who open PRs as the workflow runs outside of our repo
+    # in this scenario. Having a var that only we set to true prevents this job from running.
     if: ${{ vars.SONAR_SCANNER_ENABLED }}
 
     runs-on: ubuntu-latest