diff --git a/.github/workflows/auto_merge_optimization_pr.yml b/.github/workflows/auto_merge_optimization_pr.yml
new file mode 100644
index 0000000..18d4620
--- /dev/null
+++ b/.github/workflows/auto_merge_optimization_pr.yml
@@ -0,0 +1,94 @@
+name: Auto Merge Optimization PR
+
+"on":
+  workflow_run:
+    workflows: ["CI"]
+    types: [completed]
+
+jobs:
+  auto-merge:
+    if: github.event.workflow_run.conclusion == 'success' && startsWith(github.event.workflow_run.head_branch, 'automation/monthly-optimization-issue-')
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v6
+
+      - name: Resolve automation PR
+        id: pr
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          mkdir -p data/output/auto_merge
+          BRANCH_NAME="${{ github.event.workflow_run.head_branch }}"
+          PR_NUMBER=$(gh pr list --state open --head "${BRANCH_NAME}" --json number --jq '.[0].number // empty')
+          if [ -z "${PR_NUMBER}" ]; then
+            echo "No open automation PR found for ${BRANCH_NAME}." >> "$GITHUB_STEP_SUMMARY"
+            exit 0
+          fi
+          echo "pr_number=${PR_NUMBER}" >> "$GITHUB_OUTPUT"
+
+      - name: Evaluate merge eligibility
+        id: merge_guard
+        if: steps.pr.outputs.pr_number != ''
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          gh pr view "${{ steps.pr.outputs.pr_number }}" --json number,isDraft,body,url,files > data/output/auto_merge/pr.json
+          python3 - <<'PY'
+          import json
+          import os
+          from pathlib import Path
+
+          from scripts.prepare_auto_optimization_pr import evaluate_changed_files
+
+          pr = json.loads(Path("data/output/auto_merge/pr.json").read_text(encoding="utf-8"))
+          body = pr.get("body") or ""
+          changed_files = [item.get("path", "") for item in pr.get("files", [])]
+          guard = evaluate_changed_files(changed_files)
+          has_marker = "<!-- auto-optimization-pr:issue-" in body
+          task_level_allowed = "Task-level auto-merge eligible: `yes`" in body
+          should_merge = has_marker and task_level_allowed and not pr.get("isDraft") and guard["allowed"]
+          if not has_marker:
+              reason = "missing_marker"
+          elif not task_level_allowed:
+              reason = "task_level_guard"
+          elif pr.get("isDraft"):
+              reason = "draft_pr"
+          elif not guard["allowed"]:
+              reason = "sensitive_changed_files"
+          else:
+              reason = "ready"
+
+          summary_lines = [
+              "## Auto-Merge Gate",
+              f"- PR: {pr['url']}",
+              f"- Draft: `{ 'yes' if pr.get('isDraft') else 'no' }`",
+              f"- Task-level auto-merge eligible: `{ 'yes' if task_level_allowed else 'no' }`",
+              f"- Sensitive files touched: `{len(guard['blocked_files'])}`",
+              f"- Final merge decision: `{ 'merge' if should_merge else 'skip' }`",
+              f"- Reason: `{reason}`",
+          ]
+          if guard["blocked_files"]:
+              summary_lines.append("")
+              summary_lines.append("### Sensitive changed files")
+              summary_lines.extend(f"- `{path}`" for path in guard["blocked_files"])
+          Path("data/output/auto_merge/summary.md").write_text("\n".join(summary_lines).strip() + "\n", encoding="utf-8")
+          with open(os.environ["GITHUB_OUTPUT"], "a", encoding="utf-8") as output:
+              print(f"should_merge={'true' if should_merge else 'false'}", file=output)
+              print(f"reason={reason}", file=output)
+              print(f"pr_url={pr['url']}", file=output)
+          PY
+
+      - name: Append merge summary
+        if: steps.pr.outputs.pr_number != ''
+        run: cat data/output/auto_merge/summary.md >> "$GITHUB_STEP_SUMMARY"
+
+      - name: Merge automation PR
+        if: steps.merge_guard.outputs.should_merge == 'true'
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: gh pr merge "${{ steps.pr.outputs.pr_number }}" --rebase --delete-branch
diff --git a/.github/workflows/auto_optimization_pr.yml b/.github/workflows/auto_optimization_pr.yml
index c5537f2..2d4ad7c 100644
--- a/.github/workflows/auto_optimization_pr.yml
+++ b/.github/workflows/auto_optimization_pr.yml
@@ -93,9 +93,7 @@ jobs:
       - name: Prepare auto optimization payload
         id: auto_payload
         run: |
-          python3 scripts/prepare_auto_optimization_pr.py \
-            --issue-context-file data/output/auto_optimization/issue_context.json \
-            --output-dir data/output/auto_optimization >> "$GITHUB_OUTPUT"
+          python3 scripts/prepare_auto_optimization_pr.py             --issue-context-file data/output/auto_optimization/issue_context.json             --output-dir data/output/auto_optimization >> "$GITHUB_OUTPUT"
 
       - name: Append task summary
         run: cat data/output/auto_optimization/task_summary.md >> "$GITHUB_STEP_SUMMARY"
@@ -115,7 +113,7 @@ jobs:
           if [ -f data/output/auto_optimization/skip_reason.txt ]; then
             cat data/output/auto_optimization/skip_reason.txt >> "$GITHUB_STEP_SUMMARY"
           else
-            echo "No eligible low-risk auto-pr-safe tasks were found; skipping draft PR generation." >> "$GITHUB_STEP_SUMMARY"
+            echo "No eligible low-risk auto-pr-safe tasks were found; skipping automation." >> "$GITHUB_STEP_SUMMARY"
           fi
 
       - name: Prepare automation branch
@@ -137,16 +135,17 @@ jobs:
           claude_args: --max-turns 8
           prompt: |
             Do not ask for additional approval.
-            Do not create a pull request yourself. The workflow will handle git, draft PR creation, and CI dispatch.
+            Do not create a pull request yourself. The workflow will handle git, PR creation, CI dispatch, and post-CI merge.
             Only implement the low-risk tasks explicitly marked `[auto-pr-safe]`.
             Ignore any medium-risk or high-risk tasks.
             You are working inside CryptoLeaderRotation, the upstream selector repository.
             Prefer minimal changes in documentation, report wording, validation, shadow/challenger plumbing, instrumentation, and tests.
             Do not change production selector logic or ranking behavior from this issue alone.
             If an eligible task is marked `experiment-only`, keep the change non-production.
+            Never edit files under src/ or config/ in this automation step.
             If the selected low-risk tasks already appear implemented on the current main branch, leave the working tree unchanged.
             Do not use Bash in this workflow. Limit yourself to file edits and repository-local reasoning.
-            The workflow will run CI after the draft PR is created.
+            The workflow will run CI after the PR is created.
 
             ## Issue Title
             ${{ steps.issue_context.outputs.issue_title }}
@@ -164,6 +163,60 @@ jobs:
             echo "has_changes=true" >> "$GITHUB_OUTPUT"
           fi
 
+      - name: Evaluate merge guardrails
+        id: merge_guard
+        if: steps.changes.outputs.has_changes == 'true'
+        run: |
+          git diff --name-only --relative > data/output/auto_optimization/changed_files.txt
+          python3 - <<'PY'
+          import json
+          import os
+          from pathlib import Path
+
+          from scripts.prepare_auto_optimization_pr import evaluate_changed_files
+
+          output_dir = Path("data/output/auto_optimization")
+          payload = json.loads((output_dir / "payload.json").read_text(encoding="utf-8"))
+          changed_files = [
+              line.strip()
+              for line in (output_dir / "changed_files.txt").read_text(encoding="utf-8").splitlines()
+              if line.strip()
+          ]
+          guard = evaluate_changed_files(changed_files)
+          merge_ready = bool(payload.get("task_level_auto_merge_allowed")) and bool(guard["allowed"])
+          if not payload.get("task_level_auto_merge_allowed"):
+              reason = "task_level_guard"
+          elif not guard["allowed"]:
+              reason = "sensitive_changed_files"
+          else:
+              reason = "ready"
+
+          summary_lines = [
+              "## Merge Guardrails",
+              f"- Task-level auto-merge eligible: `{ 'yes' if payload.get('task_level_auto_merge_allowed') else 'no' }`",
+              f"- Changed files reviewed: `{len(changed_files)}`",
+              f"- Sensitive files touched: `{len(guard['blocked_files'])}`",
+          ]
+          if guard["blocked_files"]:
+              summary_lines.append("")
+              summary_lines.append("### Sensitive changed files")
+              summary_lines.extend(f"- `{path}`" for path in guard["blocked_files"])
+          if merge_ready:
+              summary_lines.extend(["", "Ready PR is allowed; the follow-up auto-merge workflow may merge after CI succeeds."])
+          else:
+              summary_lines.extend(["", f"PR will stay draft. Guard reason: `{reason}`"])
+
+          (output_dir / "guard_summary.md").write_text("\n".join(summary_lines).strip() + "\n", encoding="utf-8")
+          with open(os.environ["GITHUB_OUTPUT"], "a", encoding="utf-8") as output:
+              print(f"merge_ready={'true' if merge_ready else 'false'}", file=output)
+              print(f"guard_reason={reason}", file=output)
+              print(f"blocked_file_count={len(guard['blocked_files'])}", file=output)
+          PY
+
+      - name: Append merge guard summary
+        if: steps.changes.outputs.has_changes == 'true'
+        run: cat data/output/auto_optimization/guard_summary.md >> "$GITHUB_STEP_SUMMARY"
+
       - name: Commit and push automation branch
         if: steps.changes.outputs.has_changes == 'true'
         run: |
@@ -171,8 +224,8 @@ jobs:
           git commit -m "${{ steps.auto_payload.outputs.commit_message }}"
           git push --force-with-lease origin "${{ steps.auto_payload.outputs.branch_name }}"
 
-      - name: Create or update draft PR
-        id: draft_pr
+      - name: Create or update automation PR
+        id: automation_pr
         if: steps.changes.outputs.has_changes == 'true'
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -180,16 +233,37 @@ jobs:
           BRANCH_NAME="${{ steps.auto_payload.outputs.branch_name }}"
           PR_TITLE="${{ steps.auto_payload.outputs.pr_title }}"
           PR_BODY_FILE="${{ steps.auto_payload.outputs.pr_body_file }}"
+          MERGE_READY="${{ steps.merge_guard.outputs.merge_ready }}"
           EXISTING_PR_NUMBER=$(gh pr list --state open --head "${BRANCH_NAME}" --json number --jq '.[0].number // empty')
           if [ -n "${EXISTING_PR_NUMBER}" ]; then
             gh pr edit "${EXISTING_PR_NUMBER}" --title "${PR_TITLE}" --body-file "${PR_BODY_FILE}"
+            if [ "${MERGE_READY}" = "true" ]; then
+              gh pr ready "${EXISTING_PR_NUMBER}" || true
+              PR_STATE="ready_for_review"
+            else
+              gh pr ready "${EXISTING_PR_NUMBER}" --undo || true
+              PR_STATE="draft"
+            fi
             PR_URL=$(gh pr view "${EXISTING_PR_NUMBER}" --json url --jq '.url')
+            PR_NUMBER="${EXISTING_PR_NUMBER}"
             echo "pr_action=updated" >> "$GITHUB_OUTPUT"
           else
-            PR_URL=$(gh pr create --draft --base main --head "${BRANCH_NAME}" --title "${PR_TITLE}" --body-file "${PR_BODY_FILE}")
+            CREATE_ARGS=(--base main --head "${BRANCH_NAME}" --title "${PR_TITLE}" --body-file "${PR_BODY_FILE}")
+            if [ "${MERGE_READY}" != "true" ]; then
+              CREATE_ARGS=(--draft "${CREATE_ARGS[@]}")
+            fi
+            PR_URL=$(gh pr create "${CREATE_ARGS[@]}")
+            PR_NUMBER=$(gh pr view "${PR_URL}" --json number --jq '.number')
+            if [ "${MERGE_READY}" = "true" ]; then
+              PR_STATE="ready_for_review"
+            else
+              PR_STATE="draft"
+            fi
             echo "pr_action=created" >> "$GITHUB_OUTPUT"
           fi
           echo "pr_url=${PR_URL}" >> "$GITHUB_OUTPUT"
+          echo "pr_number=${PR_NUMBER}" >> "$GITHUB_OUTPUT"
+          echo "pr_state=${PR_STATE}" >> "$GITHUB_OUTPUT"
 
       - name: Dispatch CI workflow on automation branch
         if: steps.changes.outputs.has_changes == 'true'
@@ -203,10 +277,15 @@ jobs:
           if [ "${{ steps.changes.outputs.has_changes }}" = "true" ]; then
             {
               echo ""
-              echo "## Draft PR Result"
-              echo "- Draft PR ${{ steps.draft_pr.outputs.pr_action }}: ${{ steps.draft_pr.outputs.pr_url }}"
+              echo "## Automation PR Result"
+              echo "- PR ${{ steps.automation_pr.outputs.pr_action }}: ${{ steps.automation_pr.outputs.pr_url }}"
+              echo "- PR state: `${{ steps.automation_pr.outputs.pr_state }}`"
+              echo "- Guard reason: `${{ steps.merge_guard.outputs.guard_reason }}`"
               echo "- CI workflow dispatched on branch: `${{ steps.auto_payload.outputs.branch_name }}`"
             } >> "$GITHUB_STEP_SUMMARY"
+            if [ "${{ steps.merge_guard.outputs.merge_ready }}" = "true" ]; then
+              echo "Auto-merge will be handled only after a successful CI workflow run." >> "$GITHUB_STEP_SUMMARY"
+            fi
           else
             echo "No code changes were produced for the selected low-risk tasks." >> "$GITHUB_STEP_SUMMARY"
           fi
diff --git a/.github/workflows/monthly_optimization_planner.yml b/.github/workflows/monthly_optimization_planner.yml
index 1311c7b..13b555c 100644
--- a/.github/workflows/monthly_optimization_planner.yml
+++ b/.github/workflows/monthly_optimization_planner.yml
@@ -212,64 +212,22 @@ jobs:
               print(f"issue_number={fanout.get('issue_number') or ''}", file=output)
           PY
 
-      - name: Trigger BinancePlatform experiment validation by label
+      - name: Best-effort label BinancePlatform issue for experiment validation
         if: steps.downstream_experiment_target.outputs.should_dispatch == 'true'
         env:
-          GITHUB_TOKEN: ${{ secrets.CROSS_REPO_GITHUB_TOKEN }}
+          GH_TOKEN: ${{ secrets.CROSS_REPO_GITHUB_TOKEN }}
           TARGET_REPO: ${{ inputs.downstream_repo }}
           ISSUE_NUMBER: ${{ steps.downstream_experiment_target.outputs.issue_number }}
         run: |
-          python3 - <<'PY'
-          import json
-          import os
-          import urllib.error
-          import urllib.parse
-          import urllib.request
-
-          token = os.environ["GITHUB_TOKEN"]
-          repo = os.environ["TARGET_REPO"]
-          issue_number = os.environ["ISSUE_NUMBER"]
-          label_name = "experiment-validation"
-          api_base = f"https://api.github.com/repos/{repo}"
-          headers = {
-              "Authorization": f"Bearer {token}",
-              "Accept": "application/vnd.github+json",
-              "X-GitHub-Api-Version": "2022-11-28",
-              "User-Agent": "monthly-optimization-planner",
-          }
-
-          def request_json(method: str, url: str, payload: dict | None = None):
-              data = None
-              if payload is not None:
-                  data = json.dumps(payload).encode("utf-8")
-              request = urllib.request.Request(url, data=data, method=method, headers=headers)
-              with urllib.request.urlopen(request) as response:
-                  raw = response.read().decode("utf-8")
-              return json.loads(raw) if raw else {}
-
-          label_path = urllib.parse.quote(label_name, safe="")
-          try:
-              request_json("GET", f"{api_base}/labels/{label_path}")
-          except urllib.error.HTTPError as exc:
-              if exc.code != 404:
-                  raise
-              request_json(
-                  "POST",
-                  f"{api_base}/labels",
-                  {
-                      "name": label_name,
-                      "color": "1D76DB",
-                      "description": "Trigger experiment validation for monthly optimization tasks",
-                  },
-              )
-
-          issue = request_json("GET", f"{api_base}/issues/{issue_number}")
-          existing_labels = [label["name"] for label in issue.get("labels", [])]
-          if label_name in existing_labels:
-              request_json("DELETE", f"{api_base}/issues/{issue_number}/labels/{label_path}")
-          request_json("POST", f"{api_base}/issues/{issue_number}/labels", {"labels": [label_name]})
-          print(f"Toggled {label_name} on issue #{issue_number} in {repo}")
-          PY
+          set +e
+          gh label create experiment-validation             --repo "$TARGET_REPO"             --color 1D76DB             --description "Trigger experiment validation for monthly optimization tasks"             --force
+          label_status=$?
+          gh issue edit "$ISSUE_NUMBER"             --repo "$TARGET_REPO"             --add-label experiment-validation
+          issue_status=$?
+          set -e
+          if [ "$label_status" -ne 0 ] || [ "$issue_status" -ne 0 ]; then
+            echo "Downstream experiment-validation label update skipped for $TARGET_REPO#$ISSUE_NUMBER." >> "$GITHUB_STEP_SUMMARY"
+          fi
 
       - name: Dispatch BinancePlatform experiment validation
         if: steps.downstream_experiment_target.outputs.should_dispatch == 'true'
diff --git a/scripts/prepare_auto_optimization_pr.py b/scripts/prepare_auto_optimization_pr.py
index 6a1ec44..d81d383 100644
--- a/scripts/prepare_auto_optimization_pr.py
+++ b/scripts/prepare_auto_optimization_pr.py
@@ -12,6 +12,99 @@
 SOURCE_RE = re.compile(r"^\s+- Source: \[(?P<label>.+?)\]\((?P<url>[^)]+)\)$")
 MARKER_PREFIX = "<!-- auto-optimization-pr:issue-"
 PROJECT_ROOT = Path(__file__).resolve().parents[1]
+AUTO_MERGE_SAFE_TERMS = (
+    "readme",
+    "documentation",
+    "document ",
+    "document and",
+    "docs",
+    "operator runbook",
+    "workflow",
+    "ci",
+    "report wording",
+    "report format",
+    "report template",
+    "telemetry",
+    "diagnostic",
+    "instrumentation",
+    "unit test",
+    "tests",
+    "test coverage",
+)
+AUTO_MERGE_BLOCK_TERMS = {
+    "CryptoLeaderRotation": (
+        "tie-break",
+        "tie break",
+        "ranking",
+        "rank labels",
+        "rank order",
+        "regime",
+        "selector",
+        "score",
+        "universe",
+        "pool membership",
+        "challenger",
+        "shadow build",
+        "walk-forward",
+        "walk forward",
+    ),
+    "BinancePlatform": (
+        "dca",
+        "rotation",
+        "eligibility gate",
+        "free usdt",
+        "cash flow",
+        "withdrawal",
+        "deposit",
+        "open position",
+        "execution",
+        "live trading",
+        "threshold",
+        "circuit breaker",
+        "capital threshold",
+        "allocation",
+        "sizing",
+        "liquidity",
+        "spread",
+        "adv",
+    ),
+    "CryptoStrategies": (
+        "strategy",
+        "signal",
+        "allocation",
+        "sizing",
+        "ranking",
+        "selector",
+        "rotation",
+        "dca",
+        "threshold",
+    ),
+}
+SENSITIVE_PATH_PATTERNS = {
+    "CryptoLeaderRotation": (
+        r"^src/",
+        r"^config/",
+    ),
+    "BinancePlatform": (
+        r"^application/",
+        r"^infra/",
+        r"^strategy/",
+        r"^entrypoints/",
+        r"^main\.py$",
+        r"^runtime_support\.py$",
+        r"^live_services\.py$",
+        r"^degraded_mode_support\.py$",
+        r"^market_snapshot_support\.py$",
+        r"^trade_state_support\.py$",
+        r"^trend_pool_support\.py$",
+        r"^strategy_core\.py$",
+        r"^strategy_loader\.py$",
+        r"^strategy_registry\.py$",
+    ),
+    "CryptoStrategies": (
+        r"^src/",
+    ),
+}
 
 
 def parse_actions(issue_body: str) -> list[dict[str, Any]]:
@@ -93,6 +186,40 @@ def _is_completed_low_risk_task(action: dict[str, Any], repo_root: Path) -> bool
     return False
 
 
+def _normalized_action_text(action: dict[str, Any]) -> str:
+    title = str(action.get("title", ""))
+    summary = str(action.get("summary", ""))
+    return f"{title}\n{summary}".lower()
+
+
+def classify_action_for_auto_merge(action: dict[str, Any], repo_root: Path | None = None) -> tuple[bool, str]:
+    repo_root = repo_root or PROJECT_ROOT
+    text = _normalized_action_text(action)
+    if not any(term in text for term in AUTO_MERGE_SAFE_TERMS):
+        return False, "task_not_in_auto_merge_allowlist"
+
+    for term in AUTO_MERGE_BLOCK_TERMS.get(repo_root.name, ()):  # pragma: no branch - tiny tuples
+        if term in text:
+            return False, f"guarded_keyword:{term}"
+    return True, "auto_merge_safe"
+
+
+def evaluate_changed_files(changed_files: list[str], repo_root: Path | None = None) -> dict[str, Any]:
+    repo_root = repo_root or PROJECT_ROOT
+    blocked_files: list[str] = []
+    patterns = tuple(re.compile(pattern) for pattern in SENSITIVE_PATH_PATTERNS.get(repo_root.name, ()))
+    for raw_path in changed_files:
+        normalized = raw_path.strip().lstrip("./")
+        if not normalized:
+            continue
+        if any(pattern.search(normalized) for pattern in patterns):
+            blocked_files.append(normalized)
+    return {
+        "allowed": not blocked_files,
+        "blocked_files": blocked_files,
+    }
+
+
 def build_payload(issue_context: dict[str, Any], repo_root: Path | None = None) -> dict[str, Any]:
     repo_root = repo_root or PROJECT_ROOT
     issue_number = int(issue_context["number"])
@@ -113,17 +240,33 @@ def build_payload(issue_context: dict[str, Any], repo_root: Path | None = None)
             skipped_actions.append({**action, "skip_reason": "already_implemented"})
         else:
             safe_actions.append(action)
+
+    auto_merge_candidate_actions: list[dict[str, Any]] = []
+    draft_only_actions: list[dict[str, Any]] = []
+    for action in safe_actions:
+        eligible, reason = classify_action_for_auto_merge(action, repo_root)
+        if eligible:
+            auto_merge_candidate_actions.append({**action, "auto_merge_reason": reason})
+        else:
+            draft_only_actions.append({**action, "auto_merge_blocker": reason})
+
+    task_level_auto_merge_allowed = bool(safe_actions) and not draft_only_actions and bool(auto_merge_candidate_actions)
     return {
         "issue_number": issue_number,
         "issue_title": issue_title,
         "branch_name": f"automation/monthly-optimization-issue-{issue_number}",
         "commit_message": f"chore: address monthly optimization issue #{issue_number}",
-        "pr_title": f"Draft: address monthly optimization issue #{issue_number}",
+        "pr_title": f"Auto: address monthly optimization issue #{issue_number}",
         "should_run": bool(safe_actions),
         "safe_task_count": len(safe_actions),
         "skipped_task_count": len(skipped_actions),
+        "auto_merge_candidate_count": len(auto_merge_candidate_actions),
+        "draft_only_task_count": len(draft_only_actions),
+        "task_level_auto_merge_allowed": task_level_auto_merge_allowed,
         "safe_actions": safe_actions,
         "skipped_actions": skipped_actions,
+        "auto_merge_candidate_actions": auto_merge_candidate_actions,
+        "draft_only_actions": draft_only_actions,
     }
 
 
@@ -133,11 +276,13 @@ def render_task_summary(payload: dict[str, Any]) -> str:
         "",
         f"- Issue: #{payload['issue_number']} {payload['issue_title']}",
         f"- Eligible low-risk auto-pr-safe tasks: `{payload['safe_task_count']}`",
+        f"- Task-level auto-merge candidates: `{payload['auto_merge_candidate_count']}`",
+        f"- Draft-only low-risk tasks: `{payload['draft_only_task_count']}`",
     ]
     if payload["skipped_actions"]:
         lines.append(f"- Skipped as already implemented: `{payload['skipped_task_count']}`")
     if not payload["safe_actions"]:
-        lines.extend(["", "No eligible low-risk [auto-pr-safe] tasks remain for draft PR generation."])
+        lines.extend(["", "No eligible low-risk [auto-pr-safe] tasks remain for automation."])
         if payload["skipped_actions"]:
             lines.extend(["", "## Skipped Tasks"])
             for action in payload["skipped_actions"]:
@@ -149,16 +294,40 @@ def render_task_summary(payload: dict[str, Any]) -> str:
                 )
         return "\n".join(lines).strip() + "\n"
 
-    lines.extend(["", "## Selected Tasks"])
-    for action in payload["safe_actions"]:
-        flag_suffix = f" [{', '.join(action['flags'])}]" if action.get("flags") else ""
-        lines.extend(
-            [
-                f"- `{action['risk_level']}` {action['title']}{flag_suffix}",
-                f"  - Summary: {action.get('summary', 'No summary provided.')}",
-                f"  - Source: {action.get('source_label', 'Unknown source')} ({action.get('source_url', 'n/a')})",
-            ]
-        )
+    if payload["auto_merge_candidate_actions"]:
+        lines.extend(["", "## Auto-Merge Candidate Tasks"])
+        for action in payload["auto_merge_candidate_actions"]:
+            flag_suffix = f" [{', '.join(action['flags'])}]" if action.get("flags") else ""
+            lines.extend(
+                [
+                    f"- `{action['risk_level']}` {action['title']}{flag_suffix}",
+                    f"  - Summary: {action.get('summary', 'No summary provided.')}",
+                    f"  - Source: {action.get('source_label', 'Unknown source')} ({action.get('source_url', 'n/a')})",
+                ]
+            )
+
+    if payload["draft_only_actions"]:
+        lines.extend(["", "## Draft-Only Tasks"])
+        for action in payload["draft_only_actions"]:
+            flag_suffix = f" [{', '.join(action['flags'])}]" if action.get("flags") else ""
+            lines.extend(
+                [
+                    f"- `{action['risk_level']}` {action['title']}{flag_suffix}",
+                    f"  - Summary: {action.get('summary', 'No summary provided.')}",
+                    f"  - Auto-merge blocker: {action.get('auto_merge_blocker', 'guarded_task')}",
+                ]
+            )
+
+    if payload["skipped_actions"]:
+        lines.extend(["", "## Skipped Tasks"])
+        for action in payload["skipped_actions"]:
+            lines.extend(
+                [
+                    f"- `{action['risk_level']}` {action['title']}",
+                    f"  - Reason: {action['skip_reason']}",
+                ]
+            )
+
     return "\n".join(lines).strip() + "\n"
 
 
@@ -166,19 +335,27 @@ def render_pr_body(payload: dict[str, Any]) -> str:
     lines = [
         f"{MARKER_PREFIX}{payload['issue_number']} -->",
         "## Summary",
-        "This draft PR was generated from a monthly optimization task issue.",
+        "This PR was generated from a monthly optimization task issue.",
         "It only targets low-risk items explicitly marked `[auto-pr-safe]`.",
         "",
+        "## Merge Policy",
+        f"- Task-level auto-merge eligible: `{'yes' if payload['task_level_auto_merge_allowed'] else 'no'}`",
+        "- High-risk guardrails remain active for selector logic, live execution, and shared strategy code paths.",
+        "",
         "## Auto-selected tasks",
     ]
     for action in payload["safe_actions"]:
         lines.append(f"- {action['title']}: {action.get('summary', 'No summary provided.')}")
+    if payload["draft_only_actions"]:
+        lines.extend(["", "## Draft-only tasks"])
+        for action in payload["draft_only_actions"]:
+            lines.append(f"- {action['title']}: {action.get('auto_merge_blocker', 'guarded_task')}")
     lines.extend(["", f"Refs #{payload['issue_number']}"])
     return "\n".join(lines).strip() + "\n"
 
 
 def parse_args() -> argparse.Namespace:
-    parser = argparse.ArgumentParser(description="Prepare metadata for auto-generated optimization draft PRs.")
+    parser = argparse.ArgumentParser(description="Prepare metadata for auto-generated optimization PRs.")
     parser.add_argument("--issue-context-file", required=True, type=Path)
     parser.add_argument("--output-dir", required=True, type=Path)
     return parser.parse_args()
@@ -201,6 +378,8 @@ def main() -> int:
     print(f"commit_message={payload['commit_message']}")
     print(f"pr_title={payload['pr_title']}")
     print(f"safe_task_count={payload['safe_task_count']}")
+    print(f"auto_merge_candidate_count={payload['auto_merge_candidate_count']}")
+    print(f"task_level_auto_merge_allowed={'true' if payload['task_level_auto_merge_allowed'] else 'false'}")
     print(f"payload_file={payload_file}")
     print(f"task_summary_file={task_summary_file}")
     print(f"pr_body_file={pr_body_file}")
diff --git a/tests/test_auto_optimization_pr_workflow_config.py b/tests/test_auto_optimization_pr_workflow_config.py
index 5db08c2..95c4cf9 100644
--- a/tests/test_auto_optimization_pr_workflow_config.py
+++ b/tests/test_auto_optimization_pr_workflow_config.py
@@ -6,6 +6,7 @@
 
 PROJECT_ROOT = Path(__file__).resolve().parents[1]
 AUTO_WORKFLOW = PROJECT_ROOT / ".github" / "workflows" / "auto_optimization_pr.yml"
+MERGE_WORKFLOW = PROJECT_ROOT / ".github" / "workflows" / "auto_merge_optimization_pr.yml"
 CI_WORKFLOW = PROJECT_ROOT / ".github" / "workflows" / "ci.yml"
 
 
@@ -28,12 +29,27 @@ def test_auto_optimization_workflow_handles_monthly_task_issues(self) -> None:
         self.assertIn("timeout-minutes: 15", workflow)
         self.assertIn("steps.selected_tasks.outputs.task_summary", workflow)
         self.assertIn("Do not use Bash in this workflow.", workflow)
-        self.assertIn("The workflow will run CI after the draft PR is created.", workflow)
-        self.assertIn("gh pr create --draft", workflow)
+        self.assertIn("The workflow will run CI after the PR is created.", workflow)
+        self.assertIn("Evaluate merge guardrails", workflow)
+        self.assertIn("task_level_auto_merge_allowed", workflow)
+        self.assertIn("gh pr ready", workflow)
+        self.assertIn("steps.merge_guard.outputs.merge_ready", workflow)
         self.assertIn("gh workflow run ci.yml", workflow)
         self.assertIn("fetch-depth: 0", workflow)
         self.assertIn('FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"', workflow)
         self.assertIn("You are working inside CryptoLeaderRotation, the upstream selector repository.", workflow)
+        self.assertIn("Never edit files under src/ or config/ in this automation step.", workflow)
+
+    def test_auto_merge_workflow_waits_for_ci_and_merges_only_safe_ready_prs(self) -> None:
+        workflow = MERGE_WORKFLOW.read_text(encoding="utf-8")
+
+        self.assertIn("workflow_run:", workflow)
+        self.assertIn('workflows: ["CI"]', workflow)
+        self.assertIn("automation/monthly-optimization-issue-", workflow)
+        self.assertIn("gh pr view", workflow)
+        self.assertIn("evaluate_changed_files", workflow)
+        self.assertIn("Task-level auto-merge eligible: `yes`", workflow)
+        self.assertIn("gh pr merge", workflow)
 
     def test_ci_workflow_supports_manual_dispatch(self) -> None:
         workflow = CI_WORKFLOW.read_text(encoding="utf-8")
diff --git a/tests/test_monthly_optimization_planner_workflow_config.py b/tests/test_monthly_optimization_planner_workflow_config.py
index 2439ca9..7cd1f39 100644
--- a/tests/test_monthly_optimization_planner_workflow_config.py
+++ b/tests/test_monthly_optimization_planner_workflow_config.py
@@ -32,7 +32,7 @@ def test_planner_workflow_downloads_artifacts_posts_issue_and_fans_out_tasks(sel
         self.assertIn("Resolve upstream experiment validation target", workflow)
         self.assertIn("Dispatch CryptoLeaderRotation experiment validation", workflow)
         self.assertIn("Resolve downstream experiment validation target", workflow)
-        self.assertIn("Trigger BinancePlatform experiment validation by label", workflow)
+        self.assertIn("Best-effort label BinancePlatform issue for experiment validation", workflow)
         self.assertIn("experiment-validation", workflow)
         self.assertIn("Dispatch BinancePlatform experiment validation", workflow)
         self.assertIn("gh workflow run experiment_validation.yml", workflow)
diff --git a/tests/test_prepare_auto_optimization_pr.py b/tests/test_prepare_auto_optimization_pr.py
index 8ed9a34..6690aed 100644
--- a/tests/test_prepare_auto_optimization_pr.py
+++ b/tests/test_prepare_auto_optimization_pr.py
@@ -4,7 +4,7 @@
 import unittest
 from pathlib import Path
 
-from scripts.prepare_auto_optimization_pr import build_payload, parse_actions, render_pr_body
+from scripts.prepare_auto_optimization_pr import build_payload, evaluate_changed_files, parse_actions, render_pr_body
 
 
 PROJECT_ROOT = Path(__file__).resolve().parents[1]
@@ -45,6 +45,8 @@ def test_build_payload_skips_completed_clr_tasks_and_excludes_experiments(self)
         self.assertFalse(payload["should_run"])
         self.assertEqual(payload["safe_task_count"], 0)
         self.assertEqual(payload["skipped_task_count"], 2)
+        self.assertEqual(payload["auto_merge_candidate_count"], 0)
+        self.assertFalse(payload["task_level_auto_merge_allowed"])
         self.assertEqual(
             [action["title"] for action in payload["skipped_actions"]],
             [
@@ -53,7 +55,35 @@ def test_build_payload_skips_completed_clr_tasks_and_excludes_experiments(self)
             ],
         )
 
-    def test_render_pr_body_contains_marker_and_issue_reference(self) -> None:
+    def test_build_payload_marks_readme_note_as_auto_merge_candidate(self) -> None:
+        issue_context = {
+            "number": 30,
+            "title": "Monthly Optimization Tasks · Sandbox",
+            "body": """# Monthly Optimization Tasks · Sandbox
+
+## Actions
+- [ ] `low` Add a short README note [auto-pr-safe]
+  - Summary: Document a small operator-facing behavior.
+  - Source: [Sandbox #1](https://example.com/issues/1)
+""",
+        }
+        with tempfile.TemporaryDirectory() as temp_dir:
+            payload = build_payload(issue_context, repo_root=Path(temp_dir))
+        self.assertTrue(payload["should_run"])
+        self.assertEqual(payload["safe_task_count"], 1)
+        self.assertEqual(payload["auto_merge_candidate_count"], 1)
+        self.assertEqual(payload["draft_only_task_count"], 0)
+        self.assertTrue(payload["task_level_auto_merge_allowed"])
+
+    def test_evaluate_changed_files_blocks_selector_paths(self) -> None:
+        allowed = evaluate_changed_files(["docs/operator_runbook.md"], repo_root=PROJECT_ROOT)
+        blocked = evaluate_changed_files(["src/ranking.py", "README.md"], repo_root=PROJECT_ROOT)
+
+        self.assertTrue(allowed["allowed"])
+        self.assertFalse(blocked["allowed"])
+        self.assertEqual(blocked["blocked_files"], ["src/ranking.py"])
+
+    def test_render_pr_body_contains_merge_policy_and_issue_reference(self) -> None:
         issue_context = {
             "number": 30,
             "title": "Monthly Optimization Tasks · Sandbox",
@@ -70,6 +100,7 @@ def test_render_pr_body_contains_marker_and_issue_reference(self) -> None:
         body = render_pr_body(payload)
 
         self.assertIn("<!-- auto-optimization-pr:issue-30 -->", body)
+        self.assertIn("Task-level auto-merge eligible: `yes`", body)
         self.assertIn("Add a short README note", body)
         self.assertIn("Refs #30", body)