diff --git a/systems/x86_64-linux/mx/nextcloud-claude-bot/bot.py b/systems/x86_64-linux/mx/nextcloud-claude-bot/bot.py
index 044da45..54d9622 100644
--- a/systems/x86_64-linux/mx/nextcloud-claude-bot/bot.py
+++ b/systems/x86_64-linux/mx/nextcloud-claude-bot/bot.py
@@ -61,17 +61,19 @@ def verify_signature(body: bytes, signature: str) -> bool:
     if not BOT_SECRET:
         log.warning("No bot secret configured, skipping signature verification")
         return True
-    
+
     expected = hmac.new(
         BOT_SECRET.encode(),
         body,
         hashlib.sha256
     ).hexdigest()
-    
+
     # Nextcloud sends: sha256=<hex>
     if signature.startswith("sha256="):
         signature = signature[7:]
-    
+
+    log.info(f"Signature verification: secret_len={len(BOT_SECRET)}, expected={expected[:16]}..., received={signature[:16]}...")
+
     return hmac.compare_digest(expected, signature)