diff --git a/.github/workflows/github-actions.yml b/.github/workflows/github-actions.yml
index 5ed3c8871..2e911d49d 100644
--- a/.github/workflows/github-actions.yml
+++ b/.github/workflows/github-actions.yml
@@ -15,6 +15,21 @@ permissions:
     # Optional: allow read access to pull request. Use with `only-new-issues` option.
     # pull-requests: read
 jobs:
+  base-ref:
+    name: base-ref
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.base.ref }}
+      - name: Check base ref
+        # Case-insensitive matches for:
+        # 1. Jira references (trid-12345)
+        # 2. PR numbers (#1234)
+        # 3. Squashed commit messages (* message)
+        run: |
+          git log --format=%B -n 1 | \
+          perl -ne 'die "Base ref has invalid commit message" if (/(?:trid|astractl)(?: |-)\d+/ig || /#\d+/ig || /\* \w/ig)'
   golangci:
     name: linters
     runs-on: ubuntu-latest