diff --git a/.github/workflows/maintainer.yml b/.github/workflows/maintainer.yml
deleted file mode 100644
index ff1a15d..0000000
--- a/.github/workflows/maintainer.yml
+++ /dev/null
@@ -1,82 +0,0 @@
-# Caretaker — thin streaming workflow.
-#
-# This workflow is the bare minimum needed to invoke the backend.
-# Webhooks installed via the caretaker GitHub App are the primary path
-# (real-time, event-driven). This workflow exists for two narrower jobs:
-#
-#   1. Operator-triggered runs — kick a run from the GitHub UI via
-#      workflow_dispatch (the "Run workflow" button).
-#   2. Webhook-miss recovery — sparse cron that reconciles state if a
-#      delivery dropped. The backend's reconciliation scheduler does
-#      most of the heavy lifting; this is a redundant safety net.
-#
-# No pip install of caretaker, no checkout, no LLM keys, no Copilot PAT —
-# the backend holds everything. This file should change rarely.
-#
-# Required repo variable:
-#   CARETAKER_BACKEND_URL   — e.g. https://caretaker.example.com
-#
-# Optional repo variable:
-#   CARETAKER_OIDC_AUDIENCE — defaults to "caretaker-backend"
-
-name: Caretaker
-
-on:
-  schedule:
-    # Sparse cron — webhook-miss recovery only. The backend has its own
-    # reconciliation scheduler running on a 30-minute interval, so a
-    # 6-hour cadence here is plenty as a belt-and-suspenders fallback.
-    - cron: "37 */6 * * *"
-  workflow_dispatch:
-    inputs:
-      mode:
-        description: "Run mode the backend should execute"
-        required: false
-        default: "full"
-        type: choice
-        options:
-          - full
-          - pr-only
-          - issue-only
-          - upgrade
-          - security
-          - deps
-          - stale
-
-# Serialise concurrent runs so an operator-triggered run does not stack
-# on top of a sparse-cron run. Cancellation off — webhooks are the
-# real-time path, this workflow is the safety net.
-concurrency:
-  group: caretaker
-  cancel-in-progress: false
-
-permissions:
-  # OIDC: enables the runner to mint a GitHub Actions JWT bound to the
-  # backend's audience, which the backend exchanges for a per-run
-  # ingest token. No GITHUB_TOKEN, no PAT, no LLM secrets.
-  id-token: write
-  contents: read
-
-jobs:
-  stream:
-    runs-on: ubuntu-latest
-    timeout-minutes: 15
-    env:
-      CARETAKER_BACKEND_URL: ${{ vars.CARETAKER_BACKEND_URL }}
-      CARETAKER_OIDC_AUDIENCE: ${{ vars.CARETAKER_OIDC_AUDIENCE }}
-    steps:
-      - uses: actions/setup-python@v5
-        with:
-          python-version: "3.12"
-
-      - name: Install caretaker (thin client only)
-        run: |
-          # The thin client needs only the runs shipper; no agent code,
-          # no orchestrator, no LLM dependencies. The version is pinned
-          # to the latest published release so the runner does not run
-          # ahead of the backend.
-          pip install --quiet "caretaker"
-
-      - name: Stream a backend-executed run
-        run: |
-          caretaker stream --mode "${{ inputs.mode || 'full' }}"