diff --git a/action.yml b/action.yml
index dbf07cb7..143b59e2 100644
--- a/action.yml
+++ b/action.yml
@@ -13,6 +13,10 @@ inputs:
   github-token:
     description: 'The GITHUB_TOKEN secret'
     default: ${{ github.token }}
+  skip-commit-verification:
+    type: boolean
+    description: 'If true, the action will not expect Dependabot commits to be verified. This should be set as 'true' in GHES environments.'
+    default: false
 outputs:
   dependency-names:
     description: 'A comma-separated list of all package names updated.'
diff --git a/src/main.test.ts b/src/main.test.ts
index c863b229..94a67c77 100644
--- a/src/main.test.ts
+++ b/src/main.test.ts
@@ -10,6 +10,7 @@ beforeEach(() => {
   jest.spyOn(core, 'info').mockImplementation(jest.fn())
   jest.spyOn(core, 'setFailed').mockImplementation(jest.fn())
   jest.spyOn(core, 'startGroup').mockImplementation(jest.fn())
+  jest.spyOn(core, 'getBooleanInput').mockReturnValue(false)
 })
 
 test('it early exits with an error if github-token is not set', async () => {
diff --git a/src/main.ts b/src/main.ts
index 3a534546..232e3102 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -22,7 +22,7 @@ export async function run (): Promise<void> {
     const githubClient = github.getOctokit(token)
 
     // Validate the job
-    const commitMessage = await verifiedCommits.getMessage(githubClient, github.context)
+    const commitMessage = await verifiedCommits.getMessage(githubClient, github.context, core.getBooleanInput('skip-commit-verification'))
     const branchNames = util.getBranchNames(github.context)
     let alertLookup: updateMetadata.alertLookup | undefined
     if (core.getInput('alert-lookup')) {