diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 8e79428..171277b 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -162,3 +162,45 @@ jobs:
           test ! -e "$abyss_home/.gemini/GEMINI.md"
           test ! -e "$abyss_home/.gemini/skills"
           test ! -e "$abyss_home/.gemini/.sage-backup"
+
+  smoke-openclaw:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, macos-latest, windows-latest]
+    steps:
+      - uses: actions/checkout@v5
+      - uses: actions/setup-node@v5
+        with:
+          node-version: 20
+      - run: npm ci
+      - name: Pack npm tarball
+        shell: bash
+        run: npm pack
+      - name: Smoke install/uninstall OpenClaw target
+        shell: bash
+        run: |
+          set -euo pipefail
+
+          pkg_tgz="$(ls code-abyss-*.tgz | head -n 1)"
+          abyss_home="$RUNNER_TEMP/abyss-home"
+          rm -rf "$abyss_home"
+          mkdir -p "$abyss_home"
+
+          export HOME="$abyss_home"
+          export USERPROFILE="$abyss_home"
+
+          npx --yes --package "./$pkg_tgz" code-abyss --target openclaw -y
+
+          test -d "$abyss_home/.openclaw/skills"
+          test -f "$abyss_home/.openclaw/workspace/AGENTS.md"
+          test -f "$abyss_home/.openclaw/workspace/SOUL.md"
+          test -f "$abyss_home/.openclaw/.sage-uninstall.js"
+          test ! -e "$abyss_home/.openclaw/commands"
+          test ! -e "$abyss_home/.openclaw/skills/gstack"
+
+          npx --yes --package "./$pkg_tgz" code-abyss --uninstall openclaw
+
+          test ! -e "$abyss_home/.openclaw/skills"
+          test ! -e "$abyss_home/.openclaw/.sage-backup"
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..6b09076
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,50 @@
+name: Release
+
+on:
+  release:
+    types: [published]
+
+permissions:
+  contents: read
+  id-token: write
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    env:
+      FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
+    steps:
+      - name: Checkout release tag
+        uses: actions/checkout@v5
+        with:
+          ref: ${{ github.event.release.tag_name }}
+
+      - name: Setup Node
+        uses: actions/setup-node@v5
+        with:
+          node-version: 20
+          registry-url: https://registry.npmjs.org
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Verify tag matches package.json version
+        run: |
+          tag="${GITHUB_REF_NAME#v}"
+          pkg=$(node -p "require('./package.json').version")
+          if [ "$tag" != "$pkg" ]; then
+            echo "::error::Tag ${GITHUB_REF_NAME} (=$tag) does not match package.json version $pkg"
+            exit 1
+          fi
+          echo "Tag and package.json both at $pkg"
+
+      - name: Run tests
+        run: npm test
+
+      - name: Verify skills contract
+        run: npm run verify:skills
+
+      - name: Publish to npm
+        run: npm publish --access public --provenance
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}