diff --git a/scripts/sync-dev-after-release.sh b/scripts/sync-dev-after-release.sh
index 9221b5a..6e1d979 100755
--- a/scripts/sync-dev-after-release.sh
+++ b/scripts/sync-dev-after-release.sh
@@ -1,7 +1,8 @@
 #!/usr/bin/env bash
 # Backport release artifacts from main to dev after a release tag publishes.
 #
-# Pulls two files from main and lands them as a single signed commit on dev:
+# Pulls two files from main and lands them via a PR against dev (per this
+# repo's PR-only convention — direct commits to dev are not permitted):
 #   - VERSION — overwritten with the released version (plain text, no leading "v").
 #   - CHANGELOG.md — copied verbatim from origin/main. Main is fully
 #     authoritative for CHANGELOG; dev never edits it directly.
@@ -15,7 +16,7 @@
 #   ./scripts/sync-dev-after-release.sh v0.2.0
 #
 # Idempotent: safe to re-run. If dev already matches main on these two
-# files, the script exits 0 with no commit.
+# files, the script exits 0 without creating a branch or PR.
 #
 # Mirror of ~/dev/agentnative-cli/scripts/sync-dev-after-release.sh; this
 # variant drops the Cargo.toml/Cargo.lock steps because the skill bundle
@@ -87,6 +88,20 @@ fi
 git switch dev
 git pull --ff-only origin dev
 
+# Cut a branch -- the repo's RELEASES.md and AGENTS.md ban direct commits to dev.
+SYNC_BRANCH="chore/sync-dev-after-${VERSION}"
+
+if git rev-parse --verify --quiet "$SYNC_BRANCH" >/dev/null; then
+    echo "error: branch $SYNC_BRANCH already exists locally -- delete it or finish the prior run" >&2
+    exit 68
+fi
+if git ls-remote --exit-code --heads origin "$SYNC_BRANCH" >/dev/null 2>&1; then
+    echo "error: branch $SYNC_BRANCH already exists on origin -- check for an open PR or delete the remote branch" >&2
+    exit 68
+fi
+
+git checkout -b "$SYNC_BRANCH"
+
 # VERSION is plain text; overwrite with the released version (no leading "v").
 printf '%s\n' "$VERSION_NO_V" > VERSION
 
@@ -95,6 +110,8 @@ git checkout origin/main -- CHANGELOG.md
 
 if git diff --quiet VERSION CHANGELOG.md; then
     echo "no changes -- dev already in sync with $VERSION"
+    git switch dev
+    git branch -D "$SYNC_BRANCH"
     exit 0
 fi
 
@@ -121,4 +138,70 @@ if [[ -x scripts/generate-changelog.sh ]] && command -v git-cliff >/dev/null 2>&
     fi
 fi
 
-echo "committed; push with: git push origin dev"
+# Push the sync branch and open a PR. Direct merge to dev is not permitted.
+if ! command -v gh >/dev/null 2>&1; then
+    echo "error: gh not on PATH -- branch is committed locally as $SYNC_BRANCH; push and PR by hand" >&2
+    exit 69
+fi
+
+git push -u origin "$SYNC_BRANCH"
+
+# PR body composed at runtime; written to mktemp so gh pr create reads it
+# via --body-file rather than an inline heredoc.
+PR_BODY_FILE="$(mktemp -t "sync-dev-after-${VERSION}-pr-body.XXXXXX")"
+trap 'rm -f "$PR_BODY_FILE"' EXIT
+
+TAG_SHORT="$(git rev-parse --short "$TAG_SHA")"
+
+cat > "$PR_BODY_FILE" <<EOF
+## Summary
+
+Backports the v${VERSION_NO_V} release-prep state from \`main\` so dev's \`VERSION\` matches the released number
+and the v${VERSION_NO_V} CHANGELOG section sits at the top of dev's \`CHANGELOG.md\` going forward.
+
+Source: tag \`${VERSION}\` at \`${TAG_SHORT}\` on \`main\`. Files synced verbatim from \`origin/main\`:
+\`VERSION\` and \`CHANGELOG.md\`.
+
+Generated by \`scripts/sync-dev-after-release.sh\`. Run idempotently per release: if dev already matches main on
+these two files, the script exits 0 without creating this PR.
+
+## Changelog
+
+This PR is producer-side scaffolding and does not change anything users see; no \`## Changelog\` bullets to
+extract.
+
+## Type of Change
+
+- [x] \`chore\`: Maintenance tasks (release backport)
+
+## Testing
+
+- [x] Manual testing completed
+
+The script's preflight verified: the release tag exists, \`origin/main\` is at or past it, and the GitHub Release
+is not still a draft. \`generate-changelog.sh --dry-run\` was also invoked post-sync to check for PR-body drift
+against the backported CHANGELOG; see this PR's stderr for any drift warnings.
+
+## Files Modified
+
+**Modified:**
+
+- \`VERSION\` (set to \`${VERSION_NO_V}\`)
+- \`CHANGELOG.md\` (verbatim copy from \`origin/main\` at \`${TAG_SHORT}\`)
+
+## Breaking Changes
+
+- [x] No breaking changes
+
+## Deployment Notes
+
+- [x] No special deployment steps required
+EOF
+
+gh pr create \
+    --base dev \
+    --head "$SYNC_BRANCH" \
+    --title "chore(release): sync dev after ${VERSION}" \
+    --body-file "$PR_BODY_FILE"
+
+echo "PR opened against dev; review and merge once CI is green."