diff --git a/git-hangman-lab/scripts/publish-package b/git-hangman-lab/scripts/publish-package
index 0dea4e6..00e9eee 100755
--- a/git-hangman-lab/scripts/publish-package
+++ b/git-hangman-lab/scripts/publish-package
@@ -71,19 +71,39 @@ do_docker() {
   LOCKFILE="$HOME/.openclaw/.docker"
   lock-mgr acquire "$LOCKFILE" "$KEY"
 
-  trap 'docker logout "$REGISTRY" 2>/dev/null || true; lock-mgr release "$LOCKFILE" "$KEY" 2>/dev/null || true' EXIT
+  # Push via SSH tunnel to bypass Cloudflare's 100MB request body limit.
+  # Tunnel forwards 127.0.0.1:$TUNNEL_PORT on this host to Gitea's HTTP port on vps.git.
+  TUNNEL_HOST="root@vps.git"
+  TUNNEL_PORT="5000"
+  TUNNEL_LOCAL="127.0.0.1:${TUNNEL_PORT}"
+  TUNNEL_CTL="$HOME/.openclaw/.docker-tunnel.sock"
+  rm -f "$TUNNEL_CTL"
+  ssh -fN -o ExitOnForwardFailure=yes -o ControlMaster=yes -o ControlPath="$TUNNEL_CTL" \
+      -L "${TUNNEL_LOCAL}:127.0.0.1:3000" "$TUNNEL_HOST"
 
-  echo "Logging in to $REGISTRY..."
-  docker login "$REGISTRY" -u "$OWNER" -p "$(secret-mgr get-secret --key git)" 2>/dev/null
+  cleanup() {
+    ssh -O exit -o ControlPath="$TUNNEL_CTL" "$TUNNEL_HOST" 2>/dev/null || true
+    rm -f "$TUNNEL_CTL"
+    docker logout "$REGISTRY" 2>/dev/null || true
+    docker logout "$TUNNEL_LOCAL" 2>/dev/null || true
+    lock-mgr release "$LOCKFILE" "$KEY" 2>/dev/null || true
+  }
+  trap cleanup EXIT
+
+  echo "Logging in to $REGISTRY (via tunnel $TUNNEL_LOCAL)..."
+  docker login "$TUNNEL_LOCAL" -u "$OWNER" -p "$(secret-mgr get-secret --key git)" 2>/dev/null
 
   FULL_IMAGE="${REGISTRY}/${OWNER}/${IMAGE}:${TAG}"
+  TUNNEL_IMAGE="${TUNNEL_LOCAL}/${OWNER}/${IMAGE}:${TAG}"
   echo "Building: $FULL_IMAGE"
 
   cd "$REPO"
   docker build -t "$FULL_IMAGE" .
+  docker tag "$FULL_IMAGE" "$TUNNEL_IMAGE"
 
-  echo "Pushing: $FULL_IMAGE"
-  docker push "$FULL_IMAGE"
+  echo "Pushing via tunnel: $TUNNEL_IMAGE"
+  docker push "$TUNNEL_IMAGE"
+  docker rmi "$TUNNEL_IMAGE" 2>/dev/null || true
 
   # Link package to repository
   TOKEN=$(secret-mgr get-secret --key git-access-token)
@@ -152,4 +172,4 @@ case "$COMMAND" in
   nuget)  do_nuget ;;
   pypi)   do_pypi ;;
   npm)    do_npm ;;
-esac
\ No newline at end of file
+esac