diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000000..256874cec2
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1 @@
+* @AiFeatures/core-team
diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md
new file mode 100644
index 0000000000..de3160484c
--- /dev/null
+++ b/.github/copilot-instructions.md
@@ -0,0 +1,39 @@
+# Copilot Instructions — openfang
+
+## Project
+
+- **Name**: openfang
+- **Organization**: AiFeatures
+- **Enterprise**: iAiFy
+- **Description**: Open-source Agent Operating System
+
+## Fork Status
+
+This is a fork of RightNow-AI/openfang. Do not contribute back upstream.
+Local customizations are preserved in the main branch.
+Upstream sync is managed via Ai-road-4-You/fork-sync.
+
+## Conventions
+
+- Use kebab-case for file and directory names
+- Use conventional commits (feat:, fix:, chore:, docs:, refactor:, test:)
+- All PRs require review before merge
+- Branch from main, merge back to main
+
+## Shared Infrastructure
+
+- Reusable workflows: Ai-road-4-You/enterprise-ci-cd@v1
+- Composite actions: Ai-road-4-You/github-actions@v1
+- Governance standards: Ai-road-4-You/governance
+
+## Quality Standards
+
+- Run lint and tests before submitting PRs
+- Keep dependencies updated via Dependabot
+- No hardcoded secrets — use GitHub Secrets or environment variables
+- Follow OWASP Top 10 security practices
+
+## AgentHub Integration
+- Skills: `.agents/skills/` in this repo links to shared AgentHub skills
+- 14 shared agents available (api, architect, cli, deploy, developer, docker, docs, orchestrator, performance, refactor, reviewer, security, tester, troubleshoot)
+- MCP: 12 servers (GitHub, Supabase, Playwright, MongoDB, Notion, HuggingFace, etc.)
diff --git a/.github/workflows/ci-docker.yml b/.github/workflows/ci-docker.yml
new file mode 100644
index 0000000000..684a187ccf
--- /dev/null
+++ b/.github/workflows/ci-docker.yml
@@ -0,0 +1,16 @@
+name: Docker Build
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+permissions:
+  contents: read
+  packages: write
+
+jobs:
+  docker:
+    uses: Ai-road-4-You/enterprise-ci-cd/.github/workflows/ci-docker.yml@v1
+    secrets: inherit
diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml
new file mode 100644
index 0000000000..63b1514d8c
--- /dev/null
+++ b/.github/workflows/sbom.yml
@@ -0,0 +1,20 @@
+name: SBOM Generation
+
+on:
+  push:
+    branches: [main]
+  workflow_dispatch:
+
+permissions:
+  contents: write
+  id-token: write
+  attestations: write
+
+jobs:
+  sbom:
+    uses: Ai-road-4-You/enterprise-ci-cd/.github/workflows/sbom.yml@main
+    permissions:
+      contents: write
+      id-token: write
+      attestations: write
+
diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
new file mode 100644
index 0000000000..4ffae89c43
--- /dev/null
+++ b/.github/workflows/security-scan.yml
@@ -0,0 +1,19 @@
+name: Security Scan
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  schedule:
+    - cron: '0 4 * * 1'
+
+permissions:
+  contents: read
+  security-events: write
+
+jobs:
+  security:
+    uses: Ai-road-4-You/enterprise-ci-cd/.github/workflows/security-scan.yml@v1
+    secrets: inherit
+
diff --git a/AGENTS.md b/AGENTS.md
new file mode 100644
index 0000000000..7733bdf608
--- /dev/null
+++ b/AGENTS.md
@@ -0,0 +1,42 @@
+# AI Agent Instructions
+
+## Repository: openfang
+
+- **Organization**: AiFeatures
+- **Enterprise**: iAiFy
+
+## Shared Infrastructure
+
+| Resource | Reference |
+|---|---|
+| Reusable workflows | `Ai-road-4-You/enterprise-ci-cd@v1` |
+| Composite actions | `Ai-road-4-You/github-actions@v1` |
+| Governance docs | `Ai-road-4-You/governance` |
+| Repo templates | `Ai-road-4-You/repo-templates` |
+
+## Conventions
+
+1. Use **conventional commits** (`feat:`, `fix:`, `chore:`, `docs:`, `refactor:`, `test:`)
+2. Create **feature branches** for all changes
+3. Never push directly to `main`
+4. Run tests before submitting PR
+5. Keep dependencies updated via Dependabot
+6. All file names in **kebab-case**
+
+## Quality Gates
+
+Before merging any PR:
+
+- [ ] Lint passes
+- [ ] Tests pass (if test suite exists)
+- [ ] No new security vulnerabilities
+- [ ] PR has meaningful description
+- [ ] Conventional commit messages used
+
+## Agent Guardrails
+
+- Maximum autonomous change: single file or single PR
+- No force pushes
+- No branch deletion without approval
+- No secrets in code or commits
+- All agent changes must be traceable via commit author
diff --git a/CLAUDE.md b/CLAUDE.md
index cf1afa06f8..84b8b80c9f 100644
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -121,3 +121,10 @@ taskkill //PID <pid> //F
 - `AgentLoopResult` field is `.response` not `.response_text`
 - CLI command to start daemon is `start` not `daemon`
 - On Windows: use `taskkill //PID <pid> //F` (double slashes in MSYS2/Git Bash)
+
+## AgentHub
+- Central hub: `~/AgentHub/`
+- Skills: `.agents/skills/` (symlinked to AgentHub shared skills)
+- MCP: 12 servers synced across all agents
+- Agents: 14 shared agents available
+- Hooks: Safety, notification, and logging hooks
diff --git a/FORK-CUSTOMIZATIONS.md b/FORK-CUSTOMIZATIONS.md
new file mode 100644
index 0000000000..51919f40e5
--- /dev/null
+++ b/FORK-CUSTOMIZATIONS.md
@@ -0,0 +1,70 @@
+# Fork Customizations
+
+> Upstream: [RightNow-AI/openfang](https://github.com/RightNow-AI/openfang)
+> Fork maintained by: @ashsolei
+> Last reviewed: 2026-04-08
+> Fork type: **light-customization**
+> Sync cadence: **quarterly**
+
+## Purpose of Fork
+
+OpenFang tooling fork with iAiFy CI baseline.
+
+## Upstream Source
+
+| Property | Value |
+|---|---|
+| Upstream | [RightNow-AI/openfang](https://github.com/RightNow-AI/openfang) |
+| Fork org | AiFeatures |
+| Fork type | light-customization |
+| Sync cadence | quarterly |
+| Owner | @ashsolei |
+
+## Carried Patches
+
+Local commits ahead of `upstream/main` at last review:
+
+- `bce3529 chore: sync CLAUDE.md and copilot-instructions docs`
+- `e64f8dc docs: add AGENTS.md for iAiFy governance`
+- `d3d099e docs: add copilot-instructions.md for iAiFy governance`
+
+## Supported Components
+
+- Root governance files (`.github/`, `CLAUDE.md`, `AGENTS.md`, `FORK-CUSTOMIZATIONS.md`)
+- Enterprise CI/CD workflows imported from `Ai-road-4-You/enterprise-ci-cd`
+
+## Out of Support
+
+- All upstream source directories are tracked as upstream-of-record; local edits to core source are discouraged.
+
+## Breaking-Change Policy
+
+1. On upstream sync, classify per `governance/docs/fork-governance.md`.
+2. Breaking API/license/security changes auto-classify as `manual-review-required`.
+3. Owner triages within 5 business days; conflicts are logged to the `fork-sync-failure` issue label.
+4. Revert local customizations only after stakeholder sign-off.
+
+## Sync Strategy
+
+This fork follows the [Fork Governance Policy](https://github.com/Ai-road-4-You/governance/blob/main/docs/fork-governance.md)
+and the [Fork Upstream Merge Runbook](https://github.com/Ai-road-4-You/governance/blob/main/docs/runbooks/fork-upstream-merge.md).
+
+- **Sync frequency**: quarterly
+- **Conflict resolution**: Prefer upstream; reapply iAiFy customizations on a sync branch
+- **Automation**: [`Ai-road-4-You/fork-sync`](https://github.com/Ai-road-4-You/fork-sync) workflows
+- **Failure handling**: Sync failures create issues tagged `fork-sync-failure`
+
+## Decision: Continue, Rebase, Refresh, or Replace
+
+| Option | Current Assessment |
+|---|---|
+| Continue maintaining fork | yes - governance overlay only |
+| Full rebase onto upstream | feasible on request |
+| Fresh fork (discard local changes) | acceptable |
+| Replace with upstream directly | possible |
+
+## Maintenance
+
+- **Owner**: @ashsolei
+- **Last reviewed**: 2026-04-08
+- **Reference runbook**: `ai-road-4-you/governance/docs/runbooks/fork-upstream-merge.md`
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000000..08ecdbf336
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 iAiFy
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/README.md b/README.md
index 08e5e63323..ae6e1eb3dc 100644
--- a/README.md
+++ b/README.md
@@ -46,6 +46,10 @@ curl -fsSL https://openfang.sh/install | sh
 openfang init
 openfang start
 # Dashboard live at http://localhost:4200
+
+> **Status**: active | **Version**: unversioned | **README refreshed**: 2026-04-17
+>
+> Since README was last updated (2026-03-15): 104 tracked commits (21 feat, 72 fix, 11 chore). Fork with upstream-mirror sync.
 ```
 
 <details>