diff --git a/.github/workflows/chromatic.yml b/.github/workflows/chromatic.yml
index 3ea3e8b..6de66c1 100644
--- a/.github/workflows/chromatic.yml
+++ b/.github/workflows/chromatic.yml
@@ -4,12 +4,41 @@ name: Chromatic
 # visual regressions are caught before merge. The first build was seeded
 # locally; subsequent builds run here with CHROMATIC_PROJECT_TOKEN from
 # repo secrets.
+#
+# Snapshot quota lives under a budget (free tier 5000 / OSS tier 7500 per
+# month). A `paths-ignore` filter keeps Chromatic from spending snapshots
+# on changes that cannot affect the visual output (docs, changelogs,
+# changesets, dependabot config, the auto-merge workflow). None of these
+# touch the published bundle or any story.
+#
+# Dependabot PRs continue to run Chromatic on purpose: a future PR is
+# expected to re-enable TurboSnap with a content-hash fingerprint of
+# `pharos-tokens`, after which a Dependabot bump that does not change the
+# fingerprint will skip every snapshot anyway, and the rare bump that
+# does change it (typically a pharos-tokens release) still wants a
+# visual check.
 
 on:
   push:
     branches: [main]
+    paths-ignore:
+      - '**/*.md'
+      - '**/*.mdx'
+      - '.changeset/**'
+      - 'CHANGELOG.md'
+      - 'LICENSE'
+      - '.github/dependabot.yml'
+      - '.github/workflows/dependabot-auto-merge.yml'
   pull_request:
     branches: [main]
+    paths-ignore:
+      - '**/*.md'
+      - '**/*.mdx'
+      - '.changeset/**'
+      - 'CHANGELOG.md'
+      - 'LICENSE'
+      - '.github/dependabot.yml'
+      - '.github/workflows/dependabot-auto-merge.yml'
 
 permissions:
   contents: read