diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 2bc5214..b1d1bee 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -41,7 +41,6 @@ jobs:
           ruff check .
           black --check .
           pip-audit
-          safety check
 
       - name: ✅ Run tests & coverage
         run: |
@@ -102,6 +101,22 @@ jobs:
             dist/*.tar.gz
             dist/*.whl
           generate_release_notes: true
+  pypi:
+    name: 🐍 Publish to PyPI
+    runs-on: ubuntu-latest
+    needs: release
+    permissions:
+      id-token: write
+
+    steps:
+      - name: 📥 Download built artifacts
+        uses: actions/download-artifact@v4
+        with:
+          name: keynetra-release-artifacts
+          path: dist
+
+      - name: 🚀 Publish package to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
 
   docker:
     name: 🐳 Docker Multi-Platform
@@ -148,7 +163,7 @@ jobs:
         with:
           images: |
             keynetra/keynetra
-            ghcr.io/${{ github.repository }}/keynetra
+            ghcr.io/${{ github.repository }}
           tags: |
             type=ref,event=tag
             type=sha,prefix={{branch}}-
diff --git a/.safety-policy.yml b/.safety-policy.yml
deleted file mode 100644
index fbdbca4..0000000
--- a/.safety-policy.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-ignore-vulnerabilities:
-  64459:
-    reason: "Side-channel vulnerability in ecdsa not exploitable in this project"
-  64396:
-    reason: "ecdsa library limitation; project does not use ECDSA private key operations"