diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index e696a0f..ac1ebd9 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -41,10 +41,15 @@ jobs:
           key_file="$(mktemp)"
           trap 'rm -f "${key_file}"' EXIT
 
-          if [[ "${GPG_PRIVATE_KEY}" == *"-----BEGIN PGP PRIVATE KEY BLOCK-----"* ]]; then
-            printf '%s' "${GPG_PRIVATE_KEY}" | sed 's/\\n/\n/g' > "${key_file}"
+          normalized_key="$(printf '%s' "${GPG_PRIVATE_KEY}" | sed 's/\\n/\n/g')"
+
+          if [[ "${normalized_key}" == *"-----BEGIN PGP PRIVATE KEY BLOCK-----"* ]]; then
+            printf '%s' "${normalized_key}" > "${key_file}"
           else
-            printf '%s' "${GPG_PRIVATE_KEY}" | base64 --decode > "${key_file}"
+            if ! printf '%s' "${normalized_key}" | base64 --decode > "${key_file}" 2>/dev/null; then
+              echo "::notice::GPG_PRIVATE_KEY is not valid base64-encoded. Using raw key format. If import fails, verify the secret contains a valid PGP private key block (armored format)."
+              printf '%s' "${normalized_key}" > "${key_file}"
+            fi
           fi
 
           gpg --batch --import "${key_file}"