diff --git a/.github/workflows/feature-discovery.yml b/.github/workflows/feature-discovery.yml
index 39335ce..9185ec9 100644
--- a/.github/workflows/feature-discovery.yml
+++ b/.github/workflows/feature-discovery.yml
@@ -596,6 +596,8 @@ jobs:
 
       - name: Commit feature tracker updates
         if: steps.claude-discovery.conclusion == 'success'
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           set -euo pipefail
 
@@ -641,8 +643,29 @@ jobs:
 
           [skip ci]"
 
-          # Push changes
-          git push origin HEAD
+          # Create branch and push for PR since master is protected
+          BRANCH_NAME="feature-discovery/tracker-update-$(date +%Y%m%d-%H%M%S)"
+          git checkout -b "$BRANCH_NAME"
+          git push origin "$BRANCH_NAME"
+          
+          # Create pull request for tracker updates
+          gh pr create \
+            --title "chore: update AWS Backup feature discovery tracker" \
+            --body "Automated update of feature discovery tracker database.
+          
+          **Scan Details:**
+          - Scan completed: $(date -u '+%Y-%m-%d %H:%M:%S UTC')
+          - Provider version: ${{ inputs.provider_version || 'latest' }}
+          - Workflow run: ${{ github.run_id }}
+          
+          This PR contains automated updates to the feature tracking database and can be safely merged.
+          
+          ---
+          *Auto-generated by AWS Backup Feature Discovery workflow*" \
+            --label "aws-backup,ci-cd,configuration" \
+            --assignee "lgallard"
+          
+          echo "Created PR for tracker updates on branch: $BRANCH_NAME"
 
           # Release lock
           flock -u 200