diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index d1ced01..35bd98b 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -24,13 +24,8 @@ jobs:
 
       - name: Run unit tests
         run: yarn test
-        
+
   scan:
     needs: lint_and_test
     if: github.event_name == 'pull_request'
     uses: circlefin/circle-public-github-workflows/.github/workflows/pr-scan.yaml@v1
-
-  release_sbom:
-    needs: lint_and_test
-    if: github.event_name == 'push'
-    uses: circlefin/circle-public-github-workflows/.github/workflows/attach-release-assets.yaml@v1
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 69559f1..6eee90b 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -1,15 +1,26 @@
-name: Tag Release
+name: PR Lint and Release
 
 on:
+  pull_request:
+    branches: [master]
   push:
     branches: [master]
 
 jobs:
-  release:
+  pr_lint_and_release:
     uses: circlefin/circle-public-github-workflows/.github/workflows/conventional-commit-release.yaml@v1
+    if: github.repository_owner == 'circlefin'
     with:
       release_type: node
+      lint_commits: false
     secrets:
       RELEASE_TOKEN: ${{ secrets.PUBLIC_RELEASES_TOKEN }}
       RELEASE_ACTOR_GPG_PRIVATE_KEY: ${{ secrets.PUBLIC_RELEASES_GPG_PRIVATE_KEY }}
       RELEASE_ACTOR_GPG_PASSPHRASE: ${{ secrets.PUBLIC_RELEASES_GPG_PASSPHRASE }}
+
+  release_sbom:
+    needs: pr_lint_and_release
+    if: github.event_name == 'push' && needs.pr_lint_and_release.outputs.release_created == 'true'
+    uses: circlefin/circle-public-github-workflows/.github/workflows/attach-release-assets.yaml@v1
+    with:
+      release_tag: ${{ needs.pr_lint_and_release.outputs.release_tag }}