diff --git a/.github/workflows/pack.yml b/.github/workflows/pack.yml
index f59b66d..5a476a4 100644
--- a/.github/workflows/pack.yml
+++ b/.github/workflows/pack.yml
@@ -5,7 +5,32 @@ on:
   push:
     tags: ['v*']
 
+permissions:
+  contents: read
+
 jobs:
+  ci-passed:
+    if: startsWith(github.ref, 'refs/tags/v')
+    runs-on: ubuntu-latest
+    steps:
+      - name: Verify CI succeeded on tagged commit
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          set -e
+          conclusions=$(gh api "repos/${{ github.repository }}/commits/${{ github.sha }}/check-runs" \
+            --jq '[.check_runs[] | select(.name | startswith("build-and-test")) | .conclusion]')
+          echo "build-and-test conclusions on ${{ github.sha }}: $conclusions"
+          if [ "$conclusions" = "[]" ]; then
+            echo "::error::No build-and-test check runs found for ${{ github.sha }} — was CI ever triggered?"
+            exit 1
+          fi
+          if echo "$conclusions" | grep -qvE '^\[("success",?\s*)+\]$'; then
+            echo "::error::At least one build-and-test check on ${{ github.sha }} did not succeed"
+            exit 1
+          fi
+          echo "CI green on ${{ github.sha }} ✓"
+
   pack-tarballs-and-windows:
     runs-on: ubuntu-latest
     steps:
@@ -81,3 +106,40 @@ jobs:
           path: dist/macos/*.pkg
           if-no-files-found: error
           retention-days: 30
+
+  draft-release:
+    needs: [ci-passed, pack-tarballs-and-windows, pack-macos]
+    if: startsWith(github.ref, 'refs/tags/v')
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - name: Download build artifacts
+        uses: actions/download-artifact@v4
+        with:
+          pattern: bitmovin-cli-*
+          path: artifacts
+      - name: Compute SHA256SUMS for release assets
+        run: |
+          set -e
+          cd artifacts
+          {
+            find bitmovin-cli-tarballs-and-windows -type f \( -name '*.tar.gz' -o -name '*.tar.xz' -o -name '*.exe' \)
+            find bitmovin-cli-macos -type f -name '*.pkg'
+          } | while read -r f; do
+            hash=$(sha256sum "$f" | cut -d' ' -f1)
+            printf '%s  %s\n' "$hash" "$(basename "$f")"
+          done | LC_ALL=C sort -k2 > SHA256SUMS
+          cat SHA256SUMS
+      - name: Create draft release with installer assets
+        uses: softprops/action-gh-release@v2
+        with:
+          draft: true
+          generate_release_notes: true
+          fail_on_unmatched_files: true
+          files: |
+            artifacts/bitmovin-cli-tarballs-and-windows/*.tar.gz
+            artifacts/bitmovin-cli-tarballs-and-windows/*.tar.xz
+            artifacts/bitmovin-cli-tarballs-and-windows/win32/*.exe
+            artifacts/bitmovin-cli-macos/*.pkg
+            artifacts/SHA256SUMS
diff --git a/CHANGELOG.md b/CHANGELOG.md
index e8eb9f7..f9fcd0d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,7 +12,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Added `bitmovin encoding jobs live <id>` to show live encoding connection details, with JSON output support. Surfaces every assigned stream key (including the per-static-ingest-point keys used by redundant RTMP) and the SRT mode/host/port/path for SRT inputs.
 
   JSON shape note for anyone tracking the unreleased branch: the `--json` output now reports `streamKeys: [{value, ingestPointId, status}]` instead of the singular `streamKey` field that earlier iterations exposed. A `streamKey` alias is still emitted (equal to `streamKeys[0]?.value`) for one-off scripts; redundant RTMP setups should read `streamKeys[]` to get every per-ingest-point key.
-- CI workflow that builds standalone tarballs (macOS, Linux, Windows) plus macOS `.pkg` (signed with Developer ID Installer) and Windows `.exe` installers via `oclif pack` and uploads them as workflow artifacts for internal testing. macOS `.pkg` signature is verified via `pkgutil --check-signature` in CI. GitHub Release publishing, npm publishing, and macOS notarization will follow in subsequent changes.
+- CI workflow that builds standalone tarballs (macOS, Linux, Windows) plus macOS `.pkg` (signed with Developer ID Installer) and Windows `.exe` installers via `oclif pack` and uploads them as workflow artifacts for internal testing. macOS `.pkg` signature is verified via `pkgutil --check-signature` in CI. npm publishing and macOS notarization will follow in subsequent changes.
+- Tag-pushed `v*` runs now also create a draft GitHub Release with the tarballs, `.exe`, and signed `.pkg` files attached as individual downloadable assets, plus a `SHA256SUMS` file so users can verify downloads. Release creation is gated on a `ci-passed` job that asserts `ci.yml` (lint, build, tests) succeeded on the tagged commit. Drafts are invisible to non-maintainers; "Publish release" in the Releases UI flips visibility once contents are reviewed.
 
 ### Changed