diff --git a/.github/workflows/dual-approval-check.yaml b/.github/workflows/dual-approval-check.yaml
index 5127c64..57ef00f 100644
--- a/.github/workflows/dual-approval-check.yaml
+++ b/.github/workflows/dual-approval-check.yaml
@@ -1,22 +1,5 @@
 name: Dual Approval Check
 
-# Reusable workflow: verifies that both the CTO and QA bot accounts
-# have approved a pull request. Plugin repos call this on
-# pull_request_review events to get a required GitHub status check.
-#
-# Usage in a plugin repo's workflow:
-#
-#   on:
-#     pull_request_review:
-#       types: [submitted, dismissed]
-#     pull_request:
-#       types: [opened, reopened, synchronize]
-#
-#   jobs:
-#     dual-approval:
-#       uses: privilegedescalation/.github/.github/workflows/dual-approval-check.yaml@main
-#       secrets: inherit
-
 on:
   workflow_call:
     inputs:
@@ -50,8 +33,8 @@ jobs:
           PR_NUMBER: ${{ inputs.pr_number }}
           REPO: ${{ github.repository }}
         run: |
-          if [ -z "${PR_NUMBER}" ]; then
-            echo "::notice::No PR number in context (dismissed review?). Skipping dual approval check — no action needed."
+          if [ -z "${PR_NUMBER}" ] || [ "${PR_NUMBER}" = "null" ]; then
+            echo "::notice::No PR number in context (dismissed review or workflow_call without pr_number). Skipping dual approval check — no action needed."
             exit 0
           fi
 
@@ -62,11 +45,16 @@ jobs:
             -H "Accept: application/vnd.github.v3+json" \
             "https://api.github.com/repos/${REPO}/pulls/${PR_NUMBER}/reviews")
 
+          if [ -z "${REVIEWS}" ] || [ "${REVIEWS}" = "null" ]; then
+            echo "::warning::Could not fetch reviews for PR #${PR_NUMBER}. Assuming no approvals yet."
+            exit 1
+          fi
+
           CTO_APPROVED=$(echo "${REVIEWS}" | jq -r --arg user "${CTO_REVIEWER}" \
-            '[.[] | select(.user.login == $user or .user.login == ($user + "[bot]"))] | last | .state == "APPROVED"')
+            '[.[] | select(.user.login == $user or .user.login == ($user + "[bot]"))] | last | if .state then .state == "APPROVED" else false end')
 
           QA_APPROVED=$(echo "${REVIEWS}" | jq -r --arg user "${QA_REVIEWER}" \
-            '[.[] | select(.user.login == $user or .user.login == ($user + "[bot]"))] | last | .state == "APPROVED"')
+            '[.[] | select(.user.login == $user or .user.login == ($user + "[bot]"))] | last | if .state then .state == "APPROVED" else false end')
 
           echo "CTO (${CTO_REVIEWER}) approved: ${CTO_APPROVED}"
           echo "QA (${QA_REVIEWER}) approved: ${QA_APPROVED}"
@@ -82,4 +70,4 @@ jobs:
               echo "  Missing: QA approval from ${QA_REVIEWER}"
             fi
             exit 1
-          fi
+          fi
\ No newline at end of file