github
diff --git a/‎.github/workflows/cgo.yml‎
Lines changed: 11 additions & 8 deletions b/‎.github/workflows/cgo.yml‎
Lines changed: 11 additions & 8 deletions
@@ -520,17 +520,20 @@ jobs:
         # Track if any release-compiled files are found
         FOUND_RELEASE=0
 
-        # Check each file for version numbers in the header
+        # Check each file for release-build markers.
         # Release builds include version like: "# This file was automatically generated by gh-aw (v1.0.0). DO NOT EDIT."
         # Dev builds do not: "# This file was automatically generated by gh-aw. DO NOT EDIT."
         for file in $LOCK_FILES; do
-          # Look for the pattern: "by gh-aw (v" or "by gh-aw (0" or similar version patterns
-          # This matches versions like (v1.0.0), (0.1.0), etc.
-          if grep -E '# This file was automatically generated by gh-aw \([v0-9]' "$file" > /dev/null 2>&1; then
+          # Release-compiled lock files can be identified by either:
+          # 1. Header marker with version suffix (legacy): "...generated by gh-aw (vX.Y.Z)."
+          # 2. Metadata marker: compiler_version field in gh-aw-metadata.
+          HEADER_MARKER=$(grep -E '^# This file was automatically generated by gh-aw \([v0-9]' "$file" || true)
+          METADATA_MARKER=$(grep -E '^# gh-aw-metadata: .*"compiler_version":' "$file" || true)
+          if [ -n "$HEADER_MARKER$METADATA_MARKER" ]; then
             echo "❌ ERROR: Found release-compiled lock file: $file"
             echo ""
-            echo "Header line:"
-            grep -E '# This file was automatically generated by gh-aw \([v0-9]' "$file" || true
+            echo "Release-build marker(s):"
+            printf '%s\n%s\n' "$HEADER_MARKER" "$METADATA_MARKER" | sed '/^$/d'
             echo ""
             FOUND_RELEASE=1
           fi
@@ -541,7 +544,7 @@ jobs:
           echo "💡 Lock files should NOT be compiled with a release build!"
           echo ""
           echo "Lock files in the repository must be compiled with development builds."
-          echo "Release builds include version numbers in the header, which should only"
+          echo "Release builds include version markers (header or metadata), which should only"
           echo "appear in released binaries, not in source-controlled workflow files."
           echo ""
           echo "To fix:"
@@ -555,7 +558,7 @@ jobs:
           exit 1
         fi
 
-        echo "✅ All lock files compiled with development build (no version in header)"
+        echo "✅ All lock files compiled with development build (no release markers)"
 
     - name: Check skill file URLs use main branch
       run: |