diff --git a/.github/workflows/README.md b/.github/workflows/README.md
new file mode 100644
index 00000000..7720b628
--- /dev/null
+++ b/.github/workflows/README.md
@@ -0,0 +1,19 @@
+# Workflows
+
+> 🔒 **Security Notice:** As this is a public repository, all automated triggers (on push/pull request) have been disabled to prevent PR hijacking and supply-chain vulnerabilities. Workflows must be triggered manually by organization members.
+
+### Maven Tests
+- Definition
+    - run `mvn clean install -B -ntp -Dua.test.integration=false`
+- Trigger
+    - workflow_dispatch (manual trigger) via the Actions tab. Select your target branch/PR before running.
+
+### Maven Release
+- Definition
+    - run `mvn release:prepare`
+    - run `mvn release:perform`
+    - push the release on gcs ua-ops-artifacts/airship-maven-artifacts
+- Trigger
+    - workflow_dispatch (manual trigger) via the Actions tab. Select your target branch/PR before running.
+
+📖 For full documentation on how these workflows and configuration files work, please refer to the [urbanairship/java-env repository](https://github.com/urbanairship/java-env#github-actions-and-workflows).
\ No newline at end of file
diff --git a/.github/workflows/maven-release.yaml b/.github/workflows/maven-release.yaml
new file mode 100644
index 00000000..27751c8a
--- /dev/null
+++ b/.github/workflows/maven-release.yaml
@@ -0,0 +1,82 @@
+name: Perform Maven Release (Standalone)
+
+on:
+  push:
+    branches:
+      - "INFRA-8096"
+  #workflow_dispatch:
+
+permissions:
+  contents: write
+
+env:
+  JAVA_VERSION: '11' #(8, 11, 17, 21)
+
+jobs:
+  maven-release:
+    name: Maven Release
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v6
+        with:
+          fetch-depth: 0
+
+      - name: Configure Git User
+        run: |
+          git config user.email "actions@github.com"
+          git config user.name "GitHub Actions"
+
+      - name: Set up JDK & GPG / Sonatype Settings
+        uses: actions/setup-java@v5
+        with:
+          java-version: ${{ env.JAVA_VERSION }}
+          distribution: 'temurin'
+          cache: 'maven'
+          server-id: central
+          server-username: ${{ secrets.SONATYPE_USERNAME }}
+          server-password: ${{ secrets.SONATYPE_PASSWORD }}
+
+      - name: Verify GPG Key & Passphrase (Legacy Compatibility Bridge)
+        run: |
+            unset GNUPGHOME
+            mkdir -p ~/.gnupg
+            chmod 700 ~/.gnupg
+            
+            echo "$RAW_GPG_KEY" > private.key
+            gpg --batch --import private.key
+            rm private.key
+            
+            gpg --batch --export-secret-keys > /home/runner/.gnupg/secring.gpg
+            
+            mvn clean verify -B -ntp \
+              -DskipTests=true \
+              -Dmaven.javadoc.skip=true \
+              -Dgpg.passphrase="$GPG_PASSPHRASE" \
+              -Dgpg.keyname="95BCB1665C76C3A6" \
+              -Dgpg.secretKeyring="/home/runner/.gnupg/secring.gpg" \
+              -Dgpg.arguments="--pinentry-mode=loopback"
+        env:
+            RAW_GPG_KEY: ${{ secrets.SONATYPE_GPG_PRIVATE_KEY }}
+            GPG_PASSPHRASE: ${{ secrets.SONATYPE_GPG_PASSPHRASE }}
+
+#      - name: Run Maven Release
+#        run: |
+#          mvn -B -ntp \
+#            -Darguments="-Dmaven.javadoc.skip=true -DskipTests=true -DaltReleaseDeploymentRepository=releases::default::gs://airship-maven-artifacts/releases -DaltDeploymentRepository=releases::default::gs://airship-maven-artifacts/releases" \
+#            -Dresume=false \
+#            -DscmCommentPrefix="[github] [skip ci] " \
+#            -DtagNameFormat=@{project.version} \
+#            -DpushChanges=false \
+#            -DlocalCheckout=true \
+#            release:prepare release:perform
+#        env:
+#          SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
+#          SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
+
+#      - name: Push Changes & Tags
+#        if: success()
+#        run: |
+#          git push origin master
+#          git push origin --tags
\ No newline at end of file
diff --git a/.github/workflows/maven-tests.yaml b/.github/workflows/maven-tests.yaml
new file mode 100644
index 00000000..c50d954f
--- /dev/null
+++ b/.github/workflows/maven-tests.yaml
@@ -0,0 +1,41 @@
+name: Maven Tests (Standalone)
+
+run-name: Maven Tests on branch ${{ github.ref_name }}
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+on:
+  workflow_dispatch:
+
+env:
+  JAVA_VERSION: '11' #( 8, 11, 17, 21)
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v6
+
+      - name: Configure Git User
+        run: |
+          git config user.email "actions@github.com"
+          git config user.name "GitHub Actions"
+
+      - name: Set up JDK
+        uses: actions/setup-java@v5
+        with:
+          java-version: ${{ env.JAVA_VERSION }}
+          distribution: 'temurin'
+          cache: 'maven'
+
+#      - name: Authenticate to Google Cloud
+#        uses: google-github-actions/auth@v3
+#        with:
+#          credentials_json: ${{ secrets.JAVA_BUILD_PUBLIC_SA_KEY }}
+
+      - name: Build with Maven
+        run: mvn clean install -B -ntp -Dgpg.skip=true
\ No newline at end of file