diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 574361be6..2d1e8f1d8 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -437,17 +437,8 @@ jobs:
       - name: Install dependencies
         run: pnpm install --frozen-lockfile
 
-      - name: Validate monorepo best practices
-        run: pnpm run validate:monorepo
-
-      - name: Validate no recursive turbo calls
-        run: pnpm run validate:turbo
-
-      - name: Validate pgSchema isolation (no raw pgTable)
-        run: pnpm run validate:pg-schema
-
-      - name: Audit crypto registry (Dexie ↔ registry ↔ allowlist)
-        run: pnpm run check:crypto
+      - name: Validate monorepo invariants (turbo + pgSchema + crypto)
+        run: pnpm run validate:all
 
       - name: Type check
         run: pnpm run type-check
diff --git a/package.json b/package.json
index 3cc7ede25..7beb5ff7a 100644
--- a/package.json
+++ b/package.json
@@ -21,6 +21,7 @@
 		"validate:dockerfiles": "node scripts/validate-dockerfiles.mjs",
 		"validate:turbo": "node scripts/validate-no-recursive-turbo.mjs",
 		"validate:pg-schema": "node scripts/validate-pg-schema-isolation.mjs",
+		"validate:all": "pnpm run validate:turbo && pnpm run validate:pg-schema && pnpm run check:crypto",
 		"check:crypto": "node scripts/audit-crypto-registry.mjs",
 		"check:crypto:seed": "node scripts/audit-crypto-registry.mjs --seed",
 		"audit:deps": "node scripts/audit-workspace-deps.mjs",