diff --git a/.github/workflows/issues-jira.yml b/.github/workflows/issues-jira.yml
new file mode 100644
index 00000000..7bf04694
--- /dev/null
+++ b/.github/workflows/issues-jira.yml
@@ -0,0 +1,31 @@
+name: Create Jira Ticket for Github Issue
+
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  issue-jira:
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Login to Jira
+        uses: atlassian/gajira-login@master
+        env:
+          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
+          JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
+          JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
+
+      - name: Create Jira Issue
+        id: create_jira
+        uses: atlassian/gajira-create@master
+        with:
+          project: ${{ secrets.JIRA_PROJECT }}
+          issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
+          summary: Github | Issue | ${{ github.event.repository.name }} | ${{ github.event.issue.title }}
+          description: |
+            *GitHub Issue:* ${{ github.event.issue.html_url }}
+            
+            *Description:*
+            ${{ github.event.issue.body }}
+          fields: "${{ secrets.ISSUES_JIRA_FIELDS }}"
\ No newline at end of file
diff --git a/.github/workflows/jira.yml b/.github/workflows/jira.yml
deleted file mode 100644
index 250abc76..00000000
--- a/.github/workflows/jira.yml
+++ /dev/null
@@ -1,33 +0,0 @@
-name: Create JIRA ISSUE
-on:
-  pull_request:
-    types: [opened]
-jobs:
-  security-jira:
-    if: ${{ github.actor == 'dependabot[bot]' || github.actor == 'snyk-bot' || contains(github.event.pull_request.head.ref, 'snyk-fix-')  || contains(github.event.pull_request.head.ref, 'snyk-upgrade-')}}
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Login into JIRA
-        uses: atlassian/gajira-login@master
-        env:
-          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
-          JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
-          JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
-      - name: Create a JIRA Issue
-        id: create
-        uses: atlassian/gajira-create@master
-        with:
-          project: ${{ secrets.JIRA_PROJECT }}
-          issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
-          summary: |
-            Snyk | Vulnerability | ${{ github.event.repository.name }} | ${{ github.event.pull_request.title }}
-          description: |
-            PR: ${{ github.event.pull_request.html_url }}
-
-          fields: "${{ secrets.JIRA_FIELDS }}"
-      - name: Transition issue
-        uses: atlassian/gajira-transition@v3
-        with:
-          issue: ${{ steps.create.outputs.issue }}
-          transition: ${{ secrets.JIRA_TRANSITION }}
diff --git a/.github/workflows/policy-scan.yml b/.github/workflows/policy-scan.yml
new file mode 100644
index 00000000..ff259231
--- /dev/null
+++ b/.github/workflows/policy-scan.yml
@@ -0,0 +1,46 @@
+name: Checks the security policy and configurations
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security-policy:
+    if: github.event.repository.visibility == 'public'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - uses: actions/checkout@master
+      - name: Checks for SECURITY.md policy file
+        run: |
+          if ! [[ -f "SECURITY.md" || -f ".github/SECURITY.md" ]]; then exit 1; fi
+  security-license:
+    if: github.event.repository.visibility == 'public'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - uses: actions/checkout@master
+      - name: Checks for License file
+        run: |
+          expected_license_files=("LICENSE" "LICENSE.txt" "LICENSE.md" "License.txt")
+          license_file_found=false
+          current_year=$(date +"%Y")
+
+          for license_file in "${expected_license_files[@]}"; do
+              if  [ -f "$license_file" ]; then
+                 license_file_found=true
+                 # check the license file for the current year, if not exists, exit with error
+                  if  ! grep -q "$current_year" "$license_file"; then
+                      echo "License file $license_file does not contain the current year."
+                      exit 2
+                  fi
+                  break
+              fi        
+          done
+
+          if [ "$license_file_found" = false ]; then
+              echo "No license file found. Please add a license file to the repository."
+              exit 1
+          fi
\ No newline at end of file
diff --git a/.github/workflows/sast-scan.yml b/.github/workflows/sast-scan.yml
deleted file mode 100644
index 3b9521a5..00000000
--- a/.github/workflows/sast-scan.yml
+++ /dev/null
@@ -1,11 +0,0 @@
-name: SAST Scan
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-jobs:
-  security-sast:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Semgrep Scan
-        run: docker run -v /var/run/docker.sock:/var/run/docker.sock -v "${PWD}:/src" returntocorp/semgrep semgrep scan --config auto
\ No newline at end of file
diff --git a/src/main/java/com/contentstack/sdk/SyncStack.java b/src/main/java/com/contentstack/sdk/SyncStack.java
index e36e5f97..49308ad7 100755
--- a/src/main/java/com/contentstack/sdk/SyncStack.java
+++ b/src/main/java/com/contentstack/sdk/SyncStack.java
@@ -78,8 +78,13 @@ protected synchronized void setJSON(@NotNull JSONObject jsonobject) {
                     }
                 }
             } else {
-                logger.warning("'items' is not a valid list. Skipping processing."); // ✅ Prevent crashes
-                syncItems = new ArrayList<>();
+                if (itemsObj instanceof JSONObject) {
+                    syncItems = new ArrayList<>();
+                    syncItems.add(sanitizeJson((JSONObject) itemsObj));
+                } else {
+                    logger.warning("'items' is not a valid list. Skipping processing.");
+                    syncItems = new ArrayList<>();
+                }
             }
         } else {
             syncItems = new ArrayList<>();
diff --git a/src/test/java/com/contentstack/sdk/TestSyncStack.java b/src/test/java/com/contentstack/sdk/TestSyncStack.java
index 779c7148..cdd1a628 100644
--- a/src/test/java/com/contentstack/sdk/TestSyncStack.java
+++ b/src/test/java/com/contentstack/sdk/TestSyncStack.java
@@ -81,6 +81,39 @@ void testSetJSON_JSONInjection() {
         assertEquals("&lt;script&gt;alert('Hacked');&lt;/script&gt;", items.get(0).optString("title"));
     }
 
+    /**
+     * ✅ Should treat a lone JSONObject under "items" the same as a one‑element
+     * array.
+     */
+    @Test
+    void testSetJSON_handlesSingleItemObject() {
+        JSONObject input = new JSONObject()
+                .put("items", new JSONObject()
+                        .put("title", "Single Entry")
+                        .put("uid", "entry123")
+                        .put("content_type", "blog"))
+                .put("skip", 0)
+                .put("total_count", 1)
+                .put("limit", 10)
+                .put("sync_token", "token123");
+
+        syncStack.setJSON(input);
+        List<JSONObject> items = syncStack.getItems();
+
+        assertNotNull(items, "Items list should be initialised");
+        assertEquals(1, items.size(), "Exactly one item expected");
+
+        JSONObject item = items.get(0);
+        assertEquals("Single Entry", item.optString("title"));
+        assertEquals("entry123", item.optString("uid"));
+        assertEquals("blog", item.optString("content_type"));
+
+        assertEquals(0, syncStack.getSkip());
+        assertEquals(1, syncStack.getCount());
+        assertEquals(10, syncStack.getLimit());
+        assertEquals("token123", syncStack.getSyncToken());
+    }
+
     /**
      * ✅ Test: Invalid `items` field (should not crash)
      */