diff --git a/dangerzone/updater/attestations.py b/dangerzone/updater/attestations.py
index b8f5db7..bdf1ef6 100644
--- a/dangerzone/updater/attestations.py
+++ b/dangerzone/updater/attestations.py
@@ -57,7 +57,9 @@ def verify(
     on Github runners, and from a given repository.
     """
     cosign.ensure_installed()
-    policy = generate_cue_policy(repository, workflow, commit, branch)
+    policy = CUE_POLICY.format(
+        repository=repository, workflow=workflow, commit=commit, branch=branch
+    )
 
     # Put the value in files and verify with cosign
     with (