diff --git a/.github/workflows/_release-please.yml b/.github/workflows/_release-please.yml
index 903459e..2424bf3 100644
--- a/.github/workflows/_release-please.yml
+++ b/.github/workflows/_release-please.yml
@@ -2,15 +2,22 @@
 # Automates versioning and changelog via conventional commits.
 #
 # All release configuration is inlined as action inputs.
-# Calling repos should pass secrets explicitly:
+# Calling repos should pass secrets and permissions explicitly:
 #
 #   jobs:
 #     release-please:
+#       permissions:
+#         contents: read
+#         pull-requests: write
 #       uses: JacobPEvans/.github/.github/workflows/_release-please.yml@main
 #       secrets:
 #         GH_ACTION_JACOBPEVANS_APP_ID: ${{ secrets.GH_ACTION_JACOBPEVANS_APP_ID }}
 #         GH_APP_PRIVATE_KEY: ${{ secrets.GH_APP_PRIVATE_KEY }}
 #
+# Org/repo prerequisites:
+#   "Allow GitHub Actions to create and approve pull requests" must be enabled
+#   Calling repos must grant `pull-requests: write` in the caller job permissions
+#
 # Required files in each calling repo:
 #   VERSION                         - plain-text current version (e.g. "1.2.3")
 #   .release-please-manifest.json  - release-please manifest (e.g. {"." : "1.2.3"})
@@ -42,6 +49,7 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       contents: read
+      pull-requests: write
     steps:
       - uses: actions/checkout@v6
 
@@ -78,13 +86,26 @@ jobs:
             ]
           manifest-file: .release-please-manifest.json
 
-      - name: Enable auto-merge for release PR
+      - name: Find release PR number
+        id: find-pr
         if: steps.release.outputs.prs_created == 'true'
         env:
           GH_TOKEN: ${{ steps.app-token.outputs.token }}
           BASE_BRANCH: ${{ github.ref_name }}
         run: |
           PR_NUMBER=$(gh pr list --head "release-please--branches--${BASE_BRANCH}" --json number --jq '.[0].number // empty')
-          if [ -n "$PR_NUMBER" ]; then
-            gh pr merge "$PR_NUMBER" --auto --squash
-          fi
+          echo "number=$PR_NUMBER" >> $GITHUB_OUTPUT
+
+      - name: Enable auto-merge for release PR
+        if: steps.find-pr.outputs.number != ''
+        env:
+          GH_TOKEN: ${{ steps.app-token.outputs.token }}
+          PR_NUMBER: ${{ steps.find-pr.outputs.number }}
+        run: gh pr merge "$PR_NUMBER" --auto --squash
+
+      - name: Approve release PR
+        if: steps.find-pr.outputs.number != ''
+        env:
+          GH_TOKEN: ${{ github.token }}
+          PR_NUMBER: ${{ steps.find-pr.outputs.number }}
+        run: gh pr review "$PR_NUMBER" --approve