diff --git a/docs/design/13-toolchain-and-dev-workflow.md b/docs/design/13-toolchain-and-dev-workflow.md
index 2f4acc2..a12e514 100644
--- a/docs/design/13-toolchain-and-dev-workflow.md
+++ b/docs/design/13-toolchain-and-dev-workflow.md
@@ -1138,13 +1138,23 @@ Layer 3: Mail 执行层（Agent 接口）
 ```python
 # src/api/webhook_routes.py
 @router.post("/webhook/gitea")
-async def handle_gitea_webhook(event: dict, x_gitea_event: str = Header(...)):
+async def handle_gitea_webhook(event: dict, x_gitea_event: str = Header(...), x_gitea_signature: str = Header(None)):
     """接收 Gitea Webhook，翻译成 Mail 或 spawn 庞统"""
     
+    # 签名验证（防止伪造）
+    if x_gitea_signature and WEBHOOK_SECRET:
+        expected = hmac.new(WEBHOOK_SECRET, json.dumps(event).encode(), sha256).hexdigest()
+        if not hmac.compare_digest(expected, x_gitea_signature):
+            raise HTTPException(403, "Invalid webhook signature")
+    
+    # Git 用户名 → Agent ID 映射
+    def to_agent_id(git_username: str) -> str:
+        return GIT_TO_AGENT.get(git_username, git_username)
+    
     if x_gitea_event == "pull_request":
         action = event["action"]
         if action == "opened":
-            # 简单事件：直接发 Mail 通知司马懿
+            pr_author = to_agent_id(event["pull_request"]["user"]["login"])
             await send_mail(to="simayi-challenger", title=f"Review 请求: PR #{event['number']}", ...)
         elif action == "closed" and event["pull_request"]["merged"]:
             # merge 不需要通知，Actions 自动处理