diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 24d4c00..0285527 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -101,8 +101,10 @@ jobs:
         run: |
           DMG_PATH=$(ls src-tauri/target/universal-apple-darwin/release/bundle/dmg/*.dmg | head -1)
           rm -f "${DMG_PATH}.sig"
-          # 用 python 将私钥写入文件，避免 shell heredoc 缩进问题
+          # 用 python 将私钥写入文件，避免 shell 多行环境变量传递问题
+          # 注意：清空 TAURI_SIGNING_PRIVATE_KEY 环境变量，避免与 -f 参数冲突
           python3 -c "import os; open('/tmp/private.key','w').write(os.environ['TAURI_SIGNING_PRIVATE_KEY'].strip())"
+          unset TAURI_SIGNING_PRIVATE_KEY
           npx tauri signer sign -f /tmp/private.key -p "$TAURI_SIGNING_PRIVATE_KEY_PASSWORD" "$DMG_PATH"
           rm -f /tmp/private.key
         env: