diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml
index 70318ef9..82e8570f 100644
--- a/.github/workflows/push.yaml
+++ b/.github/workflows/push.yaml
@@ -1,10 +1,10 @@
-name: push
+name: push-artifacts
 on:
 workflow_dispatch:
 inputs:
 version:
- description: 'semver'
+ description: 'RC version'
 required: true
 permissions:
@@ -29,12 +29,22 @@ jobs:
 registry: ghcr.io
 username: ${{ github.actor }}
 password: ${{ secrets.GITHUB_TOKEN }}
- - name: Push and Sign
+ - name: Push minimal module
 run: |
 timoni mod push ./examples/minimal oci://ghcr.io/stefanprodan/timoni/minimal \
- --sign cosign \
- --version ${{ github.event.inputs.version }} \
+ -v ${{ github.event.inputs.version }} --latest \
 -a 'org.opencontainers.image.licenses=Apache-2.0' \
- -a 'org.opencontainers.image.source=https://github.com/stefanprodan/timoni/tree/main/examples/minimal' \
- -a 'org.opencontainers.image.description=A minimal timoni.sh module example.' \
- -a 'org.opencontainers.image.documentation=https://github.com/stefanprodan/timoni/blob/main/examples/minimal/README.md'
+ -a 'org.opencontainers.image.source=https://github.com/stefanprodan/timoni' \
+ -a 'org.opencontainers.image.description=A minimal timoni.sh module.' \
+ -a 'org.opencontainers.image.documentation=https://timoni.sh' \
+ --sign cosign
+ - name: Push schemas
+ run: |
+ timoni artifact push oci://ghcr.io/stefanprodan/timoni/schemas \
+ -f ./schemas -t ${{ github.event.inputs.version }} -t latest \
+ -a 'org.opencontainers.image.licenses=Apache-2.0' \
+ -a 'org.opencontainers.image.source=https://github.com/stefanprodan/timoni' \
+ -a 'org.opencontainers.image.description=Timoni CUE schemas.' \
+ -a 'org.opencontainers.image.documentation=https://timoni.sh' \
+ --content-type="cue.mod/pkg" \
+ --sign cosign
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 1eef1523..d7b66bd6 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
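Review bot: The new Push schemas step splices the free-form `version` dispatch input straight into the shell script (`-f ./schemas -t ${{ github.event.inputs.version }} -t latest`), and the rewritten Push minimal module line does the same; the expression is expanded before bash parses the script, so a value containing whitespace or shell metacharacters alters the command rather than just the tag, and the input has no shape check beyond `required: true`. Pass it through the step environment instead, `env:` / `VERSION: ${{ github.event.inputs.version }}` on the step and `-t "$VERSION" -t latest` (likewise `-v "$VERSION" --latest`) in the script, so the value is only ever a quoted string. The job header and the workflow's `permissions:` block end outside this hunk, so whether `id-token: write` is granted for the keyless `--sign cosign` cannot be confirmed here.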
@@ -55,6 +55,51 @@ jobs:
 echo "hashes=$hashes" >> $GITHUB_OUTPUT
 echo "version=${GITHUB_REF_NAME#v}" >> $GITHUB_OUTPUT
+ publish-artifacts:
+ needs: [goreleaser]
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ id-token: write
+ packages: write
+ steps:
+ - name: Checkout
+ uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+ - name: Setup Cosign
+ uses: sigstore/cosign-installer@11086d25041f77fe8fe7b9ea4e48e3b9192b8f19 # v3.1.2
+ - name: Setup Timoni
+ uses: ./actions/setup
+ - name: Login to GHCR
+ uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: Version info
+ id: info
+ run: |
+ VERSION=$(timoni -v | awk '{ print $NF }')
+ echo "version=${VERSION}" >> $GITHUB_OUTPUT
+ - name: Push minimal module
+ run: |
+ timoni mod push ./examples/minimal oci://ghcr.io/stefanprodan/timoni/minimal \
+ -v ${{ steps.info.outputs.version }} --latest \
+ -a 'org.opencontainers.image.licenses=Apache-2.0' \
+ -a 'org.opencontainers.image.source=https://github.com/stefanprodan/timoni' \
+ -a 'org.opencontainers.image.description=A minimal timoni.sh module.' \
+ -a 'org.opencontainers.image.documentation=https://timoni.sh' \
+ --sign cosign
+ - name: Push schemas
+ run: |
+ timoni artifact push oci://ghcr.io/stefanprodan/timoni/schemas \
+ -f ./schemas -t ${{ steps.info.outputs.version }} -t latest \
+ -a 'org.opencontainers.image.licenses=Apache-2.0' \
+ -a 'org.opencontainers.image.source=https://github.com/stefanprodan/timoni' \
+ -a 'org.opencontainers.image.description=Timoni CUE schemas.' \
+ -a 'org.opencontainers.image.documentation=https://timoni.sh' \
+ --content-type="cue.mod/pkg" \
+ --sign cosign
+
 provenance:
 needs: [goreleaser]
 permissions:
diff --git a/schemas/README.md b/schemas/README.md
new file mode 100644
index 00000000..9b140a0b
--- /dev/null
+++ b/schemas/README.md
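Review bot: The tag applied to both the module and the schemas is scraped from the installed binary in the Version info step (`VERSION=$(timoni -v | awk '{ print $NF }')`), while the goreleaser job in the context lines derives it from the git ref (`echo "version=${GITHUB_REF_NAME#v}" >> $GITHUB_OUTPUT`); if `./actions/setup`, which is not visible here, installs anything other than the binary built for this tag, the signed artifacts are published under a version that does not match the release. An empty result is also silent, because the pipeline's exit status is awk's and `-v ` would then consume `--latest` as its argument. Deriving it the same way as the sibling job, `VERSION=${GITHUB_REF_NAME#v}`, followed by `[ -n "${VERSION}" ] || { echo "empty version" >&2; exit 1; }`, keeps the two consistent and makes the failure loud. The `jobs:` mapping this job belongs to starts outside the hunk.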
@@ -0,0 +1,23 @@
+# Timoni CUE Schemas
+
+The Timoni's CUE schemas are included in the modules generated with `timoni mod init`.
+
+## Vendoring
+
+To update a module's schemas to the latest version,
+run the following command from within the module root:
+
+```shell
+timoni artifact pull oci://ghcr.io/stefanprodan/timoni/schemas:latest \
+ --output cue.mod/pkg
+```
+
+To update the schemas and verify the signature with Cosign v2:
+
+```shell
+timoni artifact pull oci://ghcr.io/stefanprodan/timoni/schemas:latest \
+ --verify=cosign \
+ --certificate-identity-regexp="^https://github.com/stefanprodan/timoni.*$" \
+ --certificate-oidc-issuer=https://token.actions.githubusercontent.com \
+ --output cue.mod/pkg
+```