diff --git a/README.md b/README.md
index bb79302..9fc1e7a 100644
--- a/README.md
+++ b/README.md
@@ -73,7 +73,7 @@ This plugin requires some parameters to be set, so be sure to check below and fi
 
 ### `publish`
 
-Creates an unsigned XPI file out of the source directory and uploads it to the Mozilla Add On, using the web-ext sign command. The output from the sign command will be passed through to the console. If the package is validated and signed, it will downloaded the signed XPI file and store it in the artifacts directory under the specified file name.
+Creates an unsigned XPI file out of the source directory and uploads it to the Mozilla Add On, using the web-ext sign command. The output from the sign command will be passed through to the console. If the package is validated and signed, it will download the signed XPI file and store it in the artifacts directory under the specified file name. If the package is validated but not signed (including the case where manual review is required), it will store the unsigned XPI file in the artifacts directory.
 
 #### `publish` parameters
 
diff --git a/src/publish.js b/src/publish.js
index 048b221..d388872 100644
--- a/src/publish.js
+++ b/src/publish.js
@@ -2,6 +2,7 @@ const fs = require('fs')
 const path = require('path')
 
 const webExt = require('web-ext').default
+const defaultAddonSigner = require('sign-addon')
 
 const { verifyOptions } = require('./utils')
 
@@ -22,14 +23,29 @@ const publish = async options => {
     } = verifyOptions(options, ['extensionId', 'targetXpi'])
 
     const { FIREFOX_API_KEY, FIREFOX_SECRET_KEY } = process.env
-    const { success, downloadedFiles } = await webExt.cmd.sign({
-        apiKey: FIREFOX_API_KEY,
-        apiSecret: FIREFOX_SECRET_KEY,
-        artifactsDir,
-        channel,
-        id: extensionId,
-        sourceDir,
-    })
+
+    let unsignedXpiPath
+    const signAddon = async params => {
+        unsignedXpiPath = params.xpiPath
+        const result = await defaultAddonSigner(params)
+        if (!result.success && result.errorCode === 'ADDON_NOT_AUTO_SIGNED') {
+            result.success = true
+            result.downloadedFiles = result.downloadedFiles || []
+        }
+        return result
+    }
+
+    const { success, downloadedFiles } = await webExt.cmd.sign(
+        {
+            apiKey: FIREFOX_API_KEY,
+            apiSecret: FIREFOX_SECRET_KEY,
+            artifactsDir,
+            channel,
+            id: extensionId,
+            sourceDir,
+        },
+        { signAddon },
+    )
     if (!success) {
         throw new Error(
             'Signing the extension failed. See the console output from web-ext sign for the validation link',
@@ -37,7 +53,7 @@ const publish = async options => {
     }
     const [xpiFile] = downloadedFiles
     fs.renameSync(
-        path.join(artifactsDir, xpiFile),
+        xpiFile ? path.join(artifactsDir, xpiFile) : unsignedXpiPath,
         path.join(artifactsDir, targetXpi),
     )
 }