diff --git a/.github/workflows/on_pr_changed.yml b/.github/workflows/on_pr_changed.yml
new file mode 100644
index 000000000..2f8bca6d7
--- /dev/null
+++ b/.github/workflows/on_pr_changed.yml
@@ -0,0 +1,33 @@
+name: 'on: pr changed'
+
+on:
+ pull_request:
+ pull_request_target:
+
+jobs:
+ build_example:
+ name: Build example
+ if: ${{ contains(github.event.pull_request.labels.*.name, 'ci:build_example') }}
+ uses: ./.github/workflows/run_build_example.yml
+ with:
+ target_branch: ${{ github.event.pull_request.head.ref }}
+ issue_number: ${{ github.event.pull_request.number }}
+ secrets:
+ APP_ID: ${{ secrets.APP_ID }}
+ BUILD_PROVISION_PROFILE_UUID: ${{ secrets.BUILD_PROVISION_PROFILE_UUID }}
+ BUILD_PROVISION_PROFILE_NAME: ${{ secrets.BUILD_PROVISION_PROFILE_NAME }}
+ BUILD_PROVISION_PROFILE_TEAMID: ${{ secrets.BUILD_PROVISION_PROFILE_TEAMID }}
+ BUILD_PROVISION_PROFILE_IDENTITY: ${{ secrets.BUILD_PROVISION_PROFILE_IDENTITY }}
+ BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
+ P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
+ BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}
+ KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
+
+
+ run_test:
+ name: Run test
+ if: ${{ !contains(github.event.pull_request.labels.*.name, 'ci:skip') }}
+ uses: ./.github/workflows/run_test.yml
+ secrets:
+ APP_ID: ${{ secrets.APP_ID }}
+
\ No newline at end of file
diff --git a/.github/workflows/on_pr_external.yml b/.github/workflows/on_pr_external.yml
deleted file mode 100644
index cdac41034..000000000
--- a/.github/workflows/on_pr_external.yml
+++ /dev/null
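Review bot: With `pull_request_target` listed next to `pull_request`, both jobs run with repository secrets for pull requests from forks, and neither `if:` checks who opened the PR. `build_example` forwards the signing material (`BUILD_CERTIFICATE_BASE64`, `P12_PASSWORD`, `KEYCHAIN_PASSWORD` and the provisioning-profile secrets) together with `target_branch: ${{ github.event.pull_request.head.ref }}`; if `run_build_example.yml` checks out and builds that ref (not visible in this diff), unreviewed code runs next to those secrets, and a label applied once stays in force for later pushes. The `on_pr_external.yml` deleted in this commit removed `ci:schedule_run_ci` on each `synchronize` from a non-member, and nothing here replaces that. I would keep a same-repository guard on the secret-bearing jobs, e.g. `if: ${{ github.event.pull_request.head.repo.full_name == github.repository && contains(github.event.pull_request.labels.*.name, 'ci:build_example') }}`, and keep a label-reset step for fork PRs. Listing both triggers also starts every same-repository PR twice, so a comment above `on:` saying why both are needed would help.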
@@ -1,80 +0,0 @@ -# This workflow is aim to let external contributors to run the integration tests. -# * Check if the user is a external or internal contributor or not (who is in the org or not). -# * If the user is a external contributor, remove the label "ci:schedule_run_ci" for each push. -# * The PR with label "ci:schedule_run_ci" can trigger the `workflows/run_test.yml`. -# -# If the user is a external contributor, the repo owener or the users with write access should response for add the -# label "ci:schedule_run_ci" to allow the external contributor to run the CI. -name: 'on: pr external' - -on: - pull_request_target: - types: [labeled, synchronize] - -jobs: - check_permission: - name: Check permission - if: ${{ !contains(github.event.pull_request.labels.*.name, 'ci:skip') }} - runs-on: ubuntu-latest - timeout-minutes: 60 - steps: - - name: Check if external contributors - id: check-contributors-result - uses: actions/github-script@v6 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - debug: true - script: | - const org = "AgoraIO-Extensions" - const userName = "${{ github.event.pull_request.user.login }}" - - let contributorStatus = -1; // unknown - - try { - // see https://docs.github.com/en/rest/orgs/members?apiVersion=2022-11-28#check-organization-membership-for-a-user - const response = await github.request('GET /orgs/{org}/members/{username}', { - org: org, - username: userName, - headers: { - 'X-GitHub-Api-Version': '2022-11-28' - } - }) - - console.log(`response: ${response.data}`); - if (response.status == 204) { - console.log(`Internal contributor: ${userName}`); - } else { - console.log(`External contributor: ${userName}`); - } - - // 0: internal contributors - // 1: external contributors - contributorStatus = response.status == 204 ? 0 : 1 - } catch (error) { - console.log(`Error: ${error.message}`); - // 404 mean external contributors - contributorStatus = error.status == 404 ? 
1 : contributorStatus - console.log(`contributorStatus: ${contributorStatus}`); - } - - return contributorStatus; - - - name: Remove label ci:schedule_run_ci if necessary - # If the external contributor (steps.check-contributors-result.outputs.result > 0) push a new commit (github.event.action == 'synchronize'), - # remove the label: ci:schedule_run_ci to avoid the contributor do some harmful things. - if: ${{ github.event.action == 'synchronize' && steps.check-contributors-result.outputs.result > 0 }} - uses: actions-ecosystem/action-remove-labels@v1 - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - number: ${{ github.event.pull_request.number }} - labels: ci:schedule_run_ci - fail_on_error: false - - run_test: - name: Run test - needs: check_permission - if: ${{ contains(github.event.pull_request.labels.*.name, 'ci:schedule_run_ci') }} - uses: ./.github/workflows/run_test.yml - secrets: - APP_ID: ${{ secrets.APP_ID }} - \ No newline at end of file diff --git a/.github/workflows/on_pr_internal.yml b/.github/workflows/on_pr_internal.yml deleted file mode 100644 index e68540645..000000000 --- a/.github/workflows/on_pr_internal.yml +++ /dev/null 
@@ -1,57 +0,0 @@ -name: 'on: pr internal' - -on: - pull_request: - -jobs: - check_permission: - name: Check permission - if: ${{ !contains(github.event.pull_request.labels.*.name, 'ci:skip') || contains(github.event.pull_request.labels.*.name, 'ci:build_example') }} - runs-on: ubuntu-latest - timeout-minutes: 60 - outputs: - has_permission: ${{ steps.check_permission_by_secret.outputs.has_permission }} - steps: - - name: Check for Secret availability - id: check_permission_by_secret - # perform secret check & put boolean result as an output - shell: bash - run: | - APP_ID="${{ secrets.APP_ID }}" - if [ ! -z "${APP_ID}" ]; then - echo "has_permission=1" >> $GITHUB_OUTPUT; - echo "secrets.APP_ID is not empty, PR opened by the internal contributors" - else - echo "has_permission=-1" >> $GITHUB_OUTPUT; - echo "secrets.APP_ID is empty, PR opened by the external contributors" - fi - - build_example: - name: Build example - needs: check_permission - if: ${{ needs.check_permission.outputs.has_permission == 1 && contains(github.event.pull_request.labels.*.name, 'ci:build_example') }} - uses: ./.github/workflows/run_build_example.yml - with: - target_branch: ${{ github.event.pull_request.head.ref }} - issue_number: ${{ github.event.pull_request.number }} - secrets: - APP_ID: ${{ secrets.APP_ID }} - BUILD_PROVISION_PROFILE_UUID: ${{ secrets.BUILD_PROVISION_PROFILE_UUID }} - BUILD_PROVISION_PROFILE_NAME: ${{ secrets.BUILD_PROVISION_PROFILE_NAME }} - BUILD_PROVISION_PROFILE_TEAMID: ${{ secrets.BUILD_PROVISION_PROFILE_TEAMID }} - BUILD_PROVISION_PROFILE_IDENTITY: ${{ secrets.BUILD_PROVISION_PROFILE_IDENTITY }} - BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} - P12_PASSWORD: ${{ secrets.P12_PASSWORD }} - BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }} - KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} - - - run_test: - name: Run test - needs: check_permission - # If the PR requested by a external contributor, the secrets.APP_ID 
should be empty, and skip this workflow - if: ${{ needs.check_permission.outputs.has_permission == 1 && !contains(github.event.pull_request.labels.*.name, 'ci:skip') }} - uses: ./.github/workflows/run_test.yml - secrets: - APP_ID: ${{ secrets.APP_ID }} - \ No newline at end of file