diff --git a/web/src/main/java/com/dite/znpt/web/build/DeployController.java b/web/src/main/java/com/dite/znpt/web/build/DeployController.java
index 1d7b3a1..d5b662a 100644
--- a/web/src/main/java/com/dite/znpt/web/build/DeployController.java
+++ b/web/src/main/java/com/dite/znpt/web/build/DeployController.java
@@ -61,7 +61,7 @@ public class DeployController {
 
         // 1. 签名校验
         if (!validSignature(body, signature)) {
-            throw new RuntimeException("签名错误");
+            return ResponseEntity.status(403).body("签名验证失败");
         }
 
         // 2. 启动部署流程
@@ -75,9 +75,8 @@ public class DeployController {
         try {
             Mac mac = Mac.getInstance("HmacSHA256");
             mac.init(new SecretKeySpec(webhookSecret.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
-            byte[] hash = mac.doFinal(body);
-            String computed = "sha256=" + bytesToHex(hash);
-            return computed.equalsIgnoreCase(sigHeader);
+            String computed = bytesToHex(mac.doFinal(body));
+            return computed.equalsIgnoreCase(sigHeader);   // 不区分大小写
         } catch (Exception e) {
             return false;
         }