diff --git a/.github/branch-rules/main.json b/.github/branch-rules/main.json
new file mode 100644
index 0000000..6aacafd
--- /dev/null
+++ b/.github/branch-rules/main.json
@@ -0,0 +1,61 @@
+{
+  "name": "Main Branch",
+  "target": "branch",
+  "enforcement": "active",
+  "conditions": {
+    "ref_name": {
+      "exclude": [],
+      "include": ["refs/heads/main"]
+    }
+  },
+  "rules": [
+    {
+      "type": "deletion"
+    },
+    {
+      "type": "non_fast_forward"
+    },
+    {
+      "type": "pull_request",
+      "parameters": {
+        "required_approving_review_count": 0,
+        "dismiss_stale_reviews_on_push": false,
+        "require_code_owner_review": false,
+        "require_last_push_approval": false,
+        "required_review_thread_resolution": false,
+        "automatic_copilot_code_review_enabled": true,
+        "allowed_merge_methods": ["merge"]
+      }
+    },
+    {
+      "type": "required_status_checks",
+      "parameters": {
+        "strict_required_status_checks_policy": false,
+        "do_not_enforce_on_create": false,
+        "required_status_checks": [
+          {
+            "context": "test"
+          }
+        ]
+      }
+    },
+    {
+      "type": "creation"
+    },
+    {
+      "type": "update"
+    }
+  ],
+  "bypass_actors": [
+    {
+      "actor_id": null,
+      "actor_type": "OrganizationAdmin",
+      "bypass_mode": "always"
+    },
+    {
+      "actor_id": 5,
+      "actor_type": "RepositoryRole",
+      "bypass_mode": "always"
+    }
+  ]
+}
diff --git a/.github/branch-rules/release.json b/.github/branch-rules/release.json
new file mode 100644
index 0000000..2e2bd5f
--- /dev/null
+++ b/.github/branch-rules/release.json
@@ -0,0 +1,38 @@
+{
+  "name": "Release Branches",
+  "target": "branch",
+  "source_type": "Repository",
+  "enforcement": "active",
+  "conditions": {
+    "ref_name": {
+      "exclude": [],
+      "include": ["refs/heads/release/*"]
+    }
+  },
+  "rules": [
+    {
+      "type": "deletion"
+    },
+    {
+      "type": "non_fast_forward"
+    },
+    {
+      "type": "creation"
+    },
+    {
+      "type": "update"
+    }
+  ],
+  "bypass_actors": [
+    {
+      "actor_id": null,
+      "actor_type": "OrganizationAdmin",
+      "bypass_mode": "always"
+    },
+    {
+      "actor_id": 5,
+      "actor_type": "RepositoryRole",
+      "bypass_mode": "always"
+    }
+  ]
+}
diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml
index dfe1d23..6b857c0 100644
--- a/.github/workflows/claude.yml
+++ b/.github/workflows/claude.yml
@@ -18,6 +18,7 @@ jobs:
       (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
       (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))
     runs-on: ubuntu-latest
+    timeout-minutes: 15
     permissions:
       contents: read
       pull-requests: read
diff --git a/.github/workflows/create-pr.yml b/.github/workflows/create-pr.yml
index 756c720..f17130b 100644
--- a/.github/workflows/create-pr.yml
+++ b/.github/workflows/create-pr.yml
@@ -31,8 +31,8 @@ on:
         default: true
 
 jobs:
-  action:
-    runs-on: ubuntu-latest # Use GitHub-hosted runners for memory-intensive git/Claude operations
+  create-pr:
+    runs-on: ubuntu-latest
     timeout-minutes: 10
     env:
       GH_TOKEN: ${{ secrets.ACTIONS_TOKEN }}
diff --git a/.github/workflows/tag-release.yml b/.github/workflows/tag-release.yml
index d30196e..d8255e2 100644
--- a/.github/workflows/tag-release.yml
+++ b/.github/workflows/tag-release.yml
@@ -10,13 +10,13 @@ on:
     outputs:
       tag_name:
         description: 'The created tag name'
-        value: ${{ jobs.action.outputs.tag_name }}
+        value: ${{ jobs.tag.outputs.tag_name }}
       version:
         description: 'The version number'
-        value: ${{ jobs.action.outputs.version }}
+        value: ${{ jobs.tag.outputs.version }}
       release_url:
         description: 'The GitHub release URL'
-        value: ${{ jobs.action.outputs.release_url }}
+        value: ${{ jobs.tag.outputs.release_url }}
     secrets:
       ACTIONS_TOKEN:
         required: true
@@ -24,8 +24,8 @@ on:
         required: true
 
 jobs:
-  action:
-    runs-on: ubuntu-latest # Use GitHub-hosted runners for memory-intensive git/Claude operations
+  tag:
+    runs-on: ubuntu-latest
     timeout-minutes: 15
     permissions:
       contents: write
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index b0aaed6..9eecc43 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -7,9 +7,9 @@ on:
     types: [opened, synchronize, reopened]
 
 jobs:
-  action:
+  test:
     runs-on: ubuntu-latest
-
+    timeout-minutes: 5
     steps:
       - name: Checkout
         uses: actions/checkout@v4