diff --git a/README.md b/README.md
index 49b0305..a1daae1 100644
--- a/README.md
+++ b/README.md
@@ -55,7 +55,7 @@ jobs:
 id: vuln_count
 run: |
 report_file="report.json"
- vuln_count=$(jq '.Results | length' "$report_file")
+ vuln_count=$(jq '[.Results[] | select(.Class=="os-pkgs") | .Vulnerabilities[]] | length' "$report_file")
 echo "vuln_count=$vuln_count" >> $GITHUB_OUTPUT
 
 - name: Copa Action
diff --git a/test/test.bats b/test/test.bats
index eb03f3f..511f2ab 100755
--- a/test/test.bats
+++ b/test/test.bats
@@ -15,6 +15,6 @@ teardown_file() {
 @test "Run trivy on patched image" {
 run trivy image --exit-code 1 --vuln-type os --ignore-unfixed -f json -o nginx.1.21.6-patched.json 'docker.io/library/nginx:1.21.6-patched'
 [ "$status" -eq 0 ]
- vulns=$(jq '.Results[0].Vulnerabilities | length' nginx.1.21.6-patched.json)
+ vulns=$(jq '[.Results[] | select(.Class=="os-pkgs") | .Vulnerabilities[]] | length' nginx.1.21.6-patched.json)
 assert_equal "$vulns" "0"
 }
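Review bot: `.Vulnerabilities[]` in the new filter in test/test.bats makes jq fail with "Cannot iterate over null" when an os-pkgs result carries no `Vulnerabilities` key, which appears to be how Trivy reports a result with zero findings, the very case this test expects for the patched image. When jq fails, `vulns` is left empty, so `assert_equal "$vulns" "0"` fails for a reason unrelated to patching. Iterating with `.Vulnerabilities[]?` or `(.Vulnerabilities // [])[]` makes a clean result count as 0. The README workflow hunk uses the same filter and would write an empty `vuln_count` to `$GITHUB_OUTPUT` in that case, so it needs the same change; any step that gates on the count should not treat an empty value as "nothing to patch".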