diff --git a/.citemplate.yml b/.citemplate.yml
new file mode 100644
index 0000000..c6d52f7
--- /dev/null
+++ b/.citemplate.yml
@@ -0,0 +1,19 @@
+version: 1
+preset: nextjs
+checks:
+  required: [ci, test]
+  license:
+    deny: [GPL-2.0, GPL-3.0]
+  security:
+    audit_level: critical
+    dependency_review: false
+    codeql: false
+    sbom: false
+    slsa_provenance: false
+    ossf_scorecard: false
+pr_feedback:
+  enabled: true
+  mode: aggregated
+  flaky_hints: true
+branches:
+  protected: [main]
diff --git a/.github/workflows/commitlint.yml b/.github/workflows/commitlint.yml
new file mode 100644
index 0000000..5497258
--- /dev/null
+++ b/.github/workflows/commitlint.yml
@@ -0,0 +1,9 @@
+name: Commitlint
+on:
+  pull_request:
+    branches: [main]
+jobs:
+  commitlint:
+    uses: Solvely-Colin/solvely-launchpad/.github/workflows/commitlint.yml@v1
+    with:
+      strict: false
diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
new file mode 100644
index 0000000..98c3b11
--- /dev/null
+++ b/.github/workflows/coverage.yml
@@ -0,0 +1,9 @@
+name: Coverage
+on:
+  push:
+    branches: [main]
+jobs:
+  coverage:
+    uses: Solvely-Colin/solvely-launchpad/.github/workflows/coverage.yml@v1
+    with:
+      package-manager: npm
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 2c804f2..530c6e7 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,64 +1,11 @@
-name: Release to npm
-
+name: Release
 on:
   release:
     types: [published]
-
-permissions: {}
-
 jobs:
-  publish:
-    name: Publish to npm
-    runs-on: ubuntu-latest
-    timeout-minutes: 15
-    permissions:
-      contents: read
-    steps:
-      - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
-
-      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
-        with:
-          node-version: 22
-          cache: npm
-          registry-url: https://registry.npmjs.org
-
-      - run: npm ci
-      - run: npm run build
-      - run: npm publish --access public
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
-
-  release-notes:
-    name: Generate release notes
-    needs: publish
-    runs-on: ubuntu-latest
-    timeout-minutes: 15
-    permissions:
-      contents: write
-    steps:
-      - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
-      - name: Update release notes
-        uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2
-        with:
-          generate_release_notes: true
-
-  smoke-test:
-    name: Post-publish smoke test
-    needs: publish
-    runs-on: ubuntu-latest
-    timeout-minutes: 15
-    permissions:
-      contents: read
-    steps:
-      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
-        with:
-          node-version: 22
-          registry-url: https://registry.npmjs.org
-
-      - name: Wait for npm propagation and verify
-        run: |
-          VERSION=$(echo "${{ github.event.release.tag_name }}" | sed 's/^v//')
-          for i in $(seq 1 12); do
-            npm view quorum-ai@$VERSION version && break || sleep 10
-          done
-          npx -p quorum-ai@$VERSION quorum --version
+  release:
+    uses: Solvely-Colin/solvely-launchpad/.github/workflows/release.yml@v1
+    with:
+      package-name: quorum-ai
+    secrets:
+      npm-token: ${{ secrets.NPM_TOKEN }}
diff --git a/.github/workflows/scheduled.yml b/.github/workflows/scheduled.yml
index 646b6b6..506a3cb 100644
--- a/.github/workflows/scheduled.yml
+++ b/.github/workflows/scheduled.yml
@@ -1,37 +1,11 @@
 name: Scheduled Maintenance
-
 on:
   schedule:
-    - cron: '0 9 * * 1' # Monday 9am UTC
+    - cron: '0 9 * * 1'
   workflow_dispatch:
 
-permissions:
-  contents: read
-  issues: write
-
 jobs:
-  audit:
-    name: Dependency audit
-    runs-on: ubuntu-latest
-    timeout-minutes: 10
-    steps:
-      - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
-      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
-        with:
-          node-version: 22
-          cache: npm
-      - run: npm ci
-      - run: npm audit --audit-level=high
-
-  stale:
-    name: Stale issues
-    runs-on: ubuntu-latest
-    timeout-minutes: 10
-    steps:
-      - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9
-        with:
-          stale-issue-message: 'This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.'
-          days-before-stale: 60
-          days-before-close: 14
-          stale-issue-label: stale
-          exempt-issue-labels: 'pinned,security,enhancement'
+  maintenance:
+    uses: Solvely-Colin/solvely-launchpad/.github/workflows/scheduled.yml@v1
+    with:
+      package-manager: npm
diff --git a/README.md b/README.md
index cdff087..f8613df 100644
--- a/README.md
+++ b/README.md
@@ -55,16 +55,16 @@ A **synthesis** phase follows: the runner-up (not the winner, to reduce bias) me
 
 Quorum auto-detects providers from environment variables:
 
-| Provider | Environment Variable | Install |
-|----------|---------------------|---------|
-| OpenAI | `OPENAI_API_KEY` | [platform.openai.com](https://platform.openai.com) |
-| Anthropic (Claude) | `ANTHROPIC_API_KEY` | [console.anthropic.com](https://console.anthropic.com) |
-| Google (Gemini) | `GOOGLE_GENERATIVE_AI_API_KEY` | [aistudio.google.com](https://aistudio.google.com) |
-| Kimi (Moonshot) | `KIMI_API_KEY` | [platform.moonshot.cn](https://platform.moonshot.cn) |
-| DeepSeek | `DEEPSEEK_API_KEY` | [platform.deepseek.com](https://platform.deepseek.com) |
-| Mistral | `MISTRAL_API_KEY` | [console.mistral.ai](https://console.mistral.ai) |
-| Groq | `GROQ_API_KEY` | [console.groq.com](https://console.groq.com) |
-| Ollama | *(local, no key)* | [ollama.com](https://ollama.com) |
+| Provider           | Environment Variable           | Install                                                |
+| ------------------ | ------------------------------ | ------------------------------------------------------ |
+| OpenAI             | `OPENAI_API_KEY`               | [platform.openai.com](https://platform.openai.com)     |
+| Anthropic (Claude) | `ANTHROPIC_API_KEY`            | [console.anthropic.com](https://console.anthropic.com) |
+| Google (Gemini)    | `GOOGLE_GENERATIVE_AI_API_KEY` | [aistudio.google.com](https://aistudio.google.com)     |
+| Kimi (Moonshot)    | `KIMI_API_KEY`                 | [platform.moonshot.cn](https://platform.moonshot.cn)   |
+| DeepSeek           | `DEEPSEEK_API_KEY`             | [platform.deepseek.com](https://platform.deepseek.com) |
+| Mistral            | `MISTRAL_API_KEY`              | [console.mistral.ai](https://console.mistral.ai)       |
+| Groq               | `GROQ_API_KEY`                 | [console.groq.com](https://console.groq.com)           |
+| Ollama             | _(local, no key)_              | [ollama.com](https://ollama.com)                       |
 
 ```bash
 # Set your keys, then:
@@ -74,6 +74,7 @@ quorum providers test          # verify they work
 ```
 
 Or add manually:
+
 ```bash
 quorum providers add --name deepseek --type deepseek --model deepseek-chat --env DEEPSEEK_API_KEY
 ```
@@ -156,8 +157,8 @@ challengeStyle: adversarial
 evidence: strict
 adaptive: balanced
 roles:
-  claude: "OWASP security expert"
-  kimi: "penetration tester"
+  claude: 'OWASP security expert'
+  kimi: 'penetration tester'
 votingMethod: condorcet
 ```
 
@@ -205,6 +206,7 @@ quorum mcp
 ```
 
 Add to Claude Desktop config:
+
 ```json
 {
   "mcpServers": {
@@ -235,3 +237,11 @@ npm run format                        # format
 ## License
 
 [MIT](LICENSE) © Colin Johnson
+
+## CI/CD
+
+Managed by `solvely-launchpad`. Update with:
+
+```bash
+npx solvely-launchpad migrate --from v1 --to v1.x
+```