diff --git a/.github/workflows/license-inventory.yml b/.github/workflows/license-inventory.yml
new file mode 100644
index 0000000000..aa6a5535a5
--- /dev/null
+++ b/.github/workflows/license-inventory.yml
@@ -0,0 +1,11 @@
+name: license-inventory
+on:
+ schedule:
+ - cron: "0 5 * * 1" # Mondays ~06:00 Europe/Stockholm
+ workflow_dispatch:
+jobs:
+ inventory:
+ permissions:
+ contents: write
+ pull-requests: write
+ uses: HedvigInsurance/prod-env/.github/workflows/license-inventory.yml@master
diff --git a/.github/workflows/license.yml b/.github/workflows/license.yml
new file mode 100644
index 0000000000..8069ba6381
--- /dev/null
+++ b/.github/workflows/license.yml
@@ -0,0 +1,16 @@
+name: license
+on:
+ pull_request:
+ push:
+ branches: [develop, "renovate/**"]
+jobs:
+ license:
+ uses: HedvigInsurance/prod-env/.github/workflows/license-gate.yml@master
+ with:
+ # Android ships to end-user devices (a distribution context), so block weak
+ # copyleft (LGPL/MPL/EPL) as well as forbidden licenses — not just the
+ # forbidden set that backends gate on.
+ gate-severity: "HIGH,CRITICAL"
+ # Warn-only pilot: reports findings but never fails the build. Review one run,
+ # populate `ignored-licenses` for any pre-existing hits, then remove this line.
+ enforce: false
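Review bot: The `uses:` line that ends the license-inventory.yml hunk calls the reusable workflow at `@master`, a mutable ref, while the job grants it `contents: write` and `pull-requests: write`, so whatever lands on that branch of prod-env runs here with a write-capable token. Pinning to a full commit SHA, `uses: HedvigInsurance/prod-env/.github/workflows/license-inventory.yml@<full-commit-sha> # master`, turns each upgrade into an explicit, reviewable change. The same `@master` ref is used for `license-gate.yml` in the license.yml hunk and deserves the same pin. Separately, the cron expression is evaluated in UTC, so the run lands at 06:00 Stockholm time only in winter and at 07:00 in summer; the comment could read `# Mondays 05:00 UTC`.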
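Review bot: The `license` job in license.yml declares no `permissions:`, so the called workflow receives whatever default GITHUB_TOKEN scope the repository or organisation is configured with, unlike the inventory job, which lists its scopes explicitly. If the gate only needs to read the checkout (an assumption, since the called workflow is not visible here), add `permissions:` with `contents: read` under `license:` so the caller caps the token. The `enforce: false` pilot has no owner or tracking reference; extending the comment with something like `# TODO(<issue-ref>): remove after the first reviewed run` would keep the warn-only state from quietly becoming permanent.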