diff --git a/.github/workflows/roa.yml b/.github/workflows/roa.yml
index 2787abd..fa09944 100644
--- a/.github/workflows/roa.yml
+++ b/.github/workflows/roa.yml
@@ -21,39 +21,15 @@ jobs:
         shell: bash
         run: |
           sudo apt update -qq
-          sudo apt install -y python3 git openssh-client \
-                              python3-toml python3-tabulate
+          sudo apt install -y python3 git openssh-client
 
-      - name: Run roa script
+      - name: Run ROA script
         shell: bash
-        run: |
-          maxlen4=29
-          maxlen6=64
-          mkdir -p roa_dir
-          python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6}    -o roa_dir/roa46_bird2.conf
-          python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -4 -o roa_dir/roa4_bird2.conf
-          python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -6 -o roa_dir/roa6_bird2.conf
-          python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -j -o roa_dir/roa46.json
-          python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -e -o roa_dir/neonetwork.json
-          python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -r -o roa_dir/rfc8416.json
-          python3 scripts/roa.py --summary --output roa_dir/README.txt
+        run: .scripts/generate-roa.sh
 
-      - name: Upload files
-        env:
-          SSHPRIVKEY: ${{ secrets.KEY }}
-        shell: bash
-        run: |
-          cd roa_dir
-          [ -n "$SSHPRIVKEY" ] || (echo SSHPRIVKEY is not set; exit 1)
-          ( set -e;
-            mkdir -p ~/.ssh
-            echo "$SSHPRIVKEY" | base64 -d > ~/.ssh/id_ed25519
-            chmod 0600 ~/.ssh/id_ed25519
-            ssh -o StrictHostKeyChecking=no git@github.com || true
-            git init && git add .
-            git config user.name "neonet roa bot"
-            git config user.email "bot@github.com"
-            git commit -m "Generated at $(TZ='UTC' date +%Y%m%d-%H%M%S.%N)"
-            git push --force --quiet "git@github.com:NeoCloud/NeoNetwork-ROA.git" HEAD:master
-          ) || (shred ~/.ssh/id_ed25519; exit 1)
-          shred ~/.ssh/id_ed25519
+      - name: Push to NeoCloud/NeoNetwork-ROA
+        uses: ad-m/github-push-action@master
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          directory: generated
+          repository: NeoCloud/NeoNetwork-ROA
diff --git a/.github/workflows/test-your-pr.yml b/.github/workflows/test-your-pr.yml
index d4007c4..735056b 100644
--- a/.github/workflows/test-your-pr.yml
+++ b/.github/workflows/test-your-pr.yml
@@ -21,19 +21,8 @@ jobs:
         shell: bash
         run: |
           sudo apt update -qq
-          sudo apt install -y python3 git openssh-client \
-                              python3-toml python3-tabulate
+          sudo apt install -y python3 git openssh-client
 
-      - name: Run roa script
+      - name: Run ROA script
         shell: bash
-        run: |
-          maxlen4=29
-          maxlen6=64
-          mkdir -p roa_dir
-          python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6}    -o roa_dir/roa46_bird2.conf
-          python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -4 -o roa_dir/roa4_bird2.conf
-          python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -6 -o roa_dir/roa6_bird2.conf
-          python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -j -o roa_dir/roa46.json
-          python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -e -o roa_dir/neonetwork.json
-          python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -r -o roa_dir/rfc8416.json
-          python3 scripts/roa.py --summary --output roa_dir/README.txt
+        run: .scripts/generate-roa.sh
diff --git a/.scripts/.gitignore b/.scripts/.gitignore
new file mode 100644
index 0000000..fb9df04
--- /dev/null
+++ b/.scripts/.gitignore
@@ -0,0 +1 @@
+/.venv
\ No newline at end of file
diff --git a/scripts/dns-reverse-generator.py b/.scripts/dns-reverse-generator.py
similarity index 100%
rename from scripts/dns-reverse-generator.py
rename to .scripts/dns-reverse-generator.py
diff --git a/.scripts/generate-roa.sh b/.scripts/generate-roa.sh
new file mode 100755
index 0000000..a66ea30
--- /dev/null
+++ b/.scripts/generate-roa.sh
@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+set -xeuo pipefail
+IFS=$'\n\t'
+
+export MAX_LEN_4=29
+export MAX_LEN_6=64
+
+if [ ! -d .venv ]; then
+    python3 -m venv .venv
+fi
+
+source .venv/bin/activate
+
+mkdir -p "generated"
+pushed generated
+
+.scripts/roa.py -m "$MAX_LEN_4" -M "$MAX_LEN_6" -o roa46_bird2.conf
+.scripts/roa.py -m "$MAX_LEN_4" -M "$MAX_LEN_6" -4 -o roa4_bird2.conf
+.scripts/roa.py -m "$MAX_LEN_4" -M "$MAX_LEN_6" -6 -o roa6_bird2.conf
+.scripts/roa.py -m "$MAX_LEN_4" -M "$MAX_LEN_6" -j -o roa46.json
+.scripts/roa.py -m "$MAX_LEN_4" -M "$MAX_LEN_6" -e -o neonetwork.json
+.scripts/roa.py -m "$MAX_LEN_4" -M "$MAX_LEN_6" -r -o rfc8416.json
+.scripts/roa.py --summary --output README.txt
diff --git a/scripts/homepage-update.sh b/.scripts/homepage-update.sh
similarity index 100%
rename from scripts/homepage-update.sh
rename to .scripts/homepage-update.sh
diff --git a/scripts/makegraph.sh b/.scripts/makegraph.sh
similarity index 100%
rename from scripts/makegraph.sh
rename to .scripts/makegraph.sh
diff --git a/scripts/pretty-output.sh b/.scripts/pretty-output.sh
similarity index 100%
rename from scripts/pretty-output.sh
rename to .scripts/pretty-output.sh
diff --git a/.scripts/push-to-roa.sh b/.scripts/push-to-roa.sh
new file mode 100755
index 0000000..1554522
--- /dev/null
+++ b/.scripts/push-to-roa.sh
@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+set -xeuo pipefail
+IFS=$'\n\t'
+
+pushed roa_dir
+if [ -n "$SSHPRIVKEY" ]; then
+	echo SSHPRIVKEY is not set
+	exit 1
+fi
+mkdir -p "$HOME/.ssh"
+echo "$SSHPRIVKEY" | base64 -d >"$HOME/.ssh/id_ed25519"
+chmod 0600 "$HOME/.ssh/id_ed25519"
+ssh -o StrictHostKeyChecking=no git@github.com || true
+git init && git add .
+git config user.name "neonet roa bot"
+git config user.email "bot@github.com"
+git commit -m "Generated at $(TZ='UTC' date +%Y%m%d-%H%M%S.%N)"
+git push --force --quiet "git@github.com:NeoCloud/NeoNetwork-ROA.git" HEAD:master
diff --git a/.scripts/requirements.txt b/.scripts/requirements.txt
new file mode 100644
index 0000000..8c6f4d9
--- /dev/null
+++ b/.scripts/requirements.txt
@@ -0,0 +1,2 @@
+tabulate==0.8.7
+toml==0.10.1
diff --git a/scripts/roa.py b/.scripts/roa.py
similarity index 99%
rename from scripts/roa.py
rename to .scripts/roa.py
index d94f482..ccb2899 100755
--- a/scripts/roa.py
+++ b/.scripts/roa.py
@@ -11,6 +11,7 @@ from itertools import combinations
 from pathlib import Path
 
 import toml
+from tabulate import tabulate
 
 NEO_NETWORK_POOL = [ip_network("10.127.0.0/16"), ip_network("fd10:127::/32")]
 
@@ -238,8 +239,6 @@ def make_roa_records(roa4, roa6):
 
 
 def make_summary():
-    from tabulate import tabulate
-
     entities = dict(load_entities())
     asn_table = dict(load_asn(entities))
     node_table = node_to_asn(set(asn_table.keys()))
diff --git a/.vscode/settings.json b/.vscode/settings.json
index 3800c30..c347db2 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,4 +1,7 @@
 {
   "editor.formatOnSave": true,
+  "editor.codeActionsOnSave": {
+    "source.fixAll": true
+  },
   "python.formatting.provider": "black"
 }