diff --git a/.github/workflows/license-compliance.yml b/.github/workflows/license-compliance.yml index 13494b7d..18fb5ee4 100644 --- a/.github/workflows/license-compliance.yml +++ b/.github/workflows/license-compliance.yml @@ -5,6 +5,10 @@ on: tags: - '*' +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: false + permissions: contents: write @@ -114,4 +118,4 @@ jobs: sbom-cyclonedx-validation.txt license-compliance.zip env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ github.token }} diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index a92a62c1..883aa3b4 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -11,6 +11,10 @@ on: tags: - '*' +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: false + permissions: contents: write packages: write @@ -79,19 +83,6 @@ jobs: name: packages path: ./packages/*.nupkg - # 上传许可证合规相关的工件文件,包括通知文件、第三方许可证、SBOM 文件及验证结果。 - - name: Upload compliance artifacts - uses: actions/upload-artifact@v7 - with: - name: license-compliance - path: | - NOTICE - THIRD_PARTY_LICENSES.md - sbom.spdx.json - sbom.cyclonedx.json - sbom-spdx-validation.txt - sbom-cyclonedx-validation.txt - publish-nuget: name: Publish To NuGet.org runs-on: ubuntu-latest @@ -215,13 +206,8 @@ jobs: name: packages path: ./packages - - name: Download compliance artifacts - uses: actions/download-artifact@v5 - with: - name: license-compliance - path: . - - # 无论某一侧包源发布是否失败,都继续创建 Release,并在正文中标注结果。 + # 无论某一侧包源发布是否失败,都继续创建 Release。 + # 合规工件由独立 workflow 生成,当前发布流不再假设这些文件在同一次运行中可用。 - name: Create GitHub Release and Upload Assets uses: softprops/action-gh-release@v2 with: 
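Review bot: The `group: ${{ github.workflow }}-${{ github.ref }}` key added at the top of license-compliance.yml only serializes runs of that one workflow, and the identical block added to publish.yml has the same limit. Both workflows trigger on tag pushes with `contents: write`. publish.yml creates the release, and the second hunk of license-compliance.yml passes a file list with `GITHUB_TOKEN`, which looks like a release upload too, so two runs for the same tag may still write to the same release concurrently. If so, a shared key such as `group: release-${{ github.ref }}` in both files would serialize them. Otherwise, add a comment above each block stating that cross-workflow ordering is intentionally not enforced.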
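Review bot: The new comment above `Create GitHub Release and Upload Assets` in publish.yml says the compliance files come from a separate workflow, but it does not name that workflow or say what happens if it fails or finishes later. With the download step and the compliance file entries removed, this job publishes the release with packages only. A release can therefore be public with no SBOM or NOTICE attached, and nothing in the visible steps checks for that. I would extend the comment to name `license-compliance.yml` as the producer and to state that the release may exist before, or without, those assets, so anyone relying on the SBOM knows to verify it is present. The step's remaining lines continue in the next hunk.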
@@ -230,20 +216,9 @@ jobs: body: | Release created by CI for tag ${{ github.ref_name }} Package version: ${{ needs.build-pack.outputs.package_version }} - - ## Compliance - - NOTICE - - THIRD_PARTY_LICENSES - - SPDX & CycloneDX SBOM draft: false prerelease: false files: | ./packages/*.nupkg - NOTICE - THIRD_PARTY_LICENSES.md - sbom.spdx.json - sbom.cyclonedx.json - sbom-spdx-validation.txt - sbom-cyclonedx-validation.txt env: GITHUB_TOKEN: ${{ github.token }}