diff --git a/.github/workflows/release-prepare.yml b/.github/workflows/release-prepare.yml
index b5e6420..88c59ea 100644
--- a/.github/workflows/release-prepare.yml
+++ b/.github/workflows/release-prepare.yml
@@ -117,7 +117,7 @@ jobs:
 if: steps.check_pr.outputs.skip != 'true' && steps.check_commits.outputs.has_commits == 'true'
 id: create_pr
 env:
- GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ GH_TOKEN: ${{ secrets.RELEASE_PAT || secrets.GITHUB_TOKEN }}
 run: |
 RELEASE_LABEL="${{ steps.bump.outputs.release_label }}"
 # Create a safe branch name from label (replace @ with - and , with -)
@@ -127,6 +127,11 @@ jobs:
 git config user.name "github-actions[bot]"
 git config user.email "github-actions[bot]@users.noreply.github.com"

+ # Re-auth origin so the push is authored by RELEASE_PAT, which fires
+ # downstream workflows. GITHUB_TOKEN pushes are suppressed by GitHub
+ # to prevent recursion, which stalls auto-merge on the release PR.
+ git remote set-url origin "https://x-access-token:${GH_TOKEN}@github.com/${{ github.repository }}.git"
+
 git checkout -b "$BRANCH_NAME"
 git add -A
 git commit -m "$(cat <<'EOF'
@@ -172,7 +177,7 @@ jobs:
 - name: Auto-merge release PR
 if: steps.create_pr.outputs.pr_url && github.event.inputs.auto_merge == 'true'
 env:
- GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ GH_TOKEN: ${{ secrets.RELEASE_PAT || secrets.GITHUB_TOKEN }}
 run: |
 gh pr merge "${{ steps.create_pr.outputs.pr_url }}" --auto --squash
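Review bot: The `secrets.RELEASE_PAT || secrets.GITHUB_TOKEN` fallback in the `create_pr` step's `env` (and again in the "Auto-merge release PR" step) is silent: when RELEASE_PAT is unset the job still succeeds on GITHUB_TOKEN, and the stalled auto-merge this commit addresses comes back with nothing in the log to explain it. I would surface the fallback by adding `HAS_RELEASE_PAT: ${{ secrets.RELEASE_PAT != '' }}` under `env` and `[ "$HAS_RELEASE_PAT" = "true" ] || echo "::warning::RELEASE_PAT not set, falling back to GITHUB_TOKEN; downstream workflows will not run"` at the top of `run`. A PAT is also a long-lived credential tied to a user account, so a comment beside it should record the scope it needs; from what these steps do that looks like contents and pull-request write on this repository only, and a fine-grained token or a GitHub App installation token would keep it to that. The step starts and ends outside the hunk.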
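Review bot: The added `git remote set-url` writes the token into `.git/config`, where it stays for the rest of the job and is readable by every later step and any action that runs in the workspace. If the checkout step (not visible here) left its default persisted credentials in place, git may also keep sending that GITHUB_TOKEN header, in which case the push would still not trigger downstream workflows; passing the token to the checkout step through its `token:` input avoids both problems. If the URL form stays, reset it right after the push with `git remote set-url origin "https://github.com/${GITHUB_REPOSITORY}.git"`, and use `${GITHUB_REPOSITORY}` instead of `${{ github.repository }}` in the added line so nothing is template-expanded into the script. The `run` block continues outside the hunk.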