diff --git a/ci-tools/vulnerability-scan b/ci-tools/vulnerability-scan
index d1b7a12e7baa358ab15fd55a23f09dd3a3a7dc57..870962fbb37683a9a0328f7aced7e84dae571673 100755
--- a/ci-tools/vulnerability-scan
+++ b/ci-tools/vulnerability-scan
@@ -21,8 +21,13 @@ OUTPUT=$1
 [ -e scan-target ] && rm -v scan-target
 nix-shell --run '
 set -x
-object=$(morph build morph/grid/testing/grid.nix 2>&1 | tail -n 1)
-ln -s "$object" scan-target
+if morph_result=$(morph build morph/grid/testing/grid.nix 2>&1); then
+  object=$(echo "$morph_result" | tail -n 1)
+  ln -s "$object" scan-target
+else
+  echo "$morph_result"
+  exit 1
+fi
 '
 
 nix-shell -p vulnix --run 'vulnix ./scan-target/' | tee "$OUTPUT"