diff --git a/pkg/client/client.go b/pkg/client/client.go
index 122b96c3..41b20f5f 100644
--- a/pkg/client/client.go
+++ b/pkg/client/client.go
@@ -947,18 +947,20 @@ func (c *KpmClient) Download(dep *pkg.Dependency, homePath, localPath string) (*
 }
 
 func (c *KpmClient) ValidateDependency(dep *pkg.Dependency) error {
-	tmpKclPkg := pkg.KclPkg{
-		HomePath: dep.LocalFullPath,
-		Dependencies: pkg.Dependencies{Deps: func() *orderedmap.OrderedMap[string, pkg.Dependency] {
-			m := orderedmap.NewOrderedMap[string, pkg.Dependency]()
-			m.Set(dep.Name, *dep)
-			return m
-		}()},
-		NoSumCheck: c.GetNoSumCheck(),
-	}
-
-	if err := c.DepChecker.Check(tmpKclPkg); err != nil {
-		return reporter.NewErrorEvent(reporter.InvalidKclPkg, err, fmt.Sprintf("%s package does not match the original kcl package", dep.FullName))
+	if ok, err := features.Enabled(features.SupportCheckSum); err == nil && ok {
+		tmpKclPkg := pkg.KclPkg{
+			HomePath: dep.LocalFullPath,
+			Dependencies: pkg.Dependencies{Deps: func() *orderedmap.OrderedMap[string, pkg.Dependency] {
+				m := orderedmap.NewOrderedMap[string, pkg.Dependency]()
+				m.Set(dep.Name, *dep)
+				return m
+			}()},
+			NoSumCheck: c.GetNoSumCheck(),
+		}
+
+		if err := c.DepChecker.Check(tmpKclPkg); err != nil {
+			return reporter.NewErrorEvent(reporter.InvalidKclPkg, err, fmt.Sprintf("%s package does not match the original kcl package", dep.FullName))
+		}
 	}
 
 	return nil
diff --git a/pkg/client/client_test.go b/pkg/client/client_test.go
index 01ff298c..b6fd6e36 100644
--- a/pkg/client/client_test.go
+++ b/pkg/client/client_test.go
@@ -27,6 +27,7 @@ import (
 	"kcl-lang.io/kcl-go/pkg/kcl"
 	"kcl-lang.io/kpm/pkg/downloader"
 	"kcl-lang.io/kpm/pkg/env"
+	"kcl-lang.io/kpm/pkg/features"
 	"kcl-lang.io/kpm/pkg/opt"
 	pkg "kcl-lang.io/kpm/pkg/package"
 	"kcl-lang.io/kpm/pkg/reporter"
@@ -2263,3 +2264,46 @@ func testPushWithInsecureSkipTLSverify(t *testing.T) {
 
 	assert.Equal(t, buf.String(), "Called Success\n")
 }
+
+func TestValidateDependency(t *testing.T) {
+	features.Enable(features.SupportCheckSum)
+	defer features.Disable(features.SupportCheckSum)
+
+	kpmcli, err := NewKpmClient()
+	assert.Equal(t, err, nil)
+
+	dep1 := pkg.Dependency{
+		Name:          "helloworld",
+		FullName:      "helloworld_0.1.2",
+		Version:       "0.1.2",
+		Sum:           "PN0OMEV9M8VGFn1CtA/T3bcgZmMJmOo+RkBrLKIWYeQ=",
+		LocalFullPath: "path/to/kcl/package",
+		Source: downloader.Source{
+			Oci: &downloader.Oci{
+				Reg:  "ghcr.io",
+				Repo: "kcl-lang/helloworld",
+				Tag:  "0.1.2",
+			},
+		},
+	}
+	err = kpmcli.ValidateDependency(&dep1)
+	assert.Equal(t, err, nil)
+
+	dep2 := pkg.Dependency{
+		Name:          "helloworld",
+		FullName:      "helloworld_0.1.2",
+		Version:       "0.1.2",
+		Sum:           "fail-to-validate-dependency",
+		LocalFullPath: "path/to/kcl/package",
+		Source: downloader.Source{
+			Oci: &downloader.Oci{
+				Reg:  "ghcr.io",
+				Repo: "kcl-lang/helloworld",
+				Tag:  "0.1.2",
+			},
+		},
+	}
+
+	err = kpmcli.ValidateDependency(&dep2)
+	assert.Error(t, err)
+}
diff --git a/pkg/features/features.go b/pkg/features/features.go
index 0e69fc49..95d4dbbf 100644
--- a/pkg/features/features.go
+++ b/pkg/features/features.go
@@ -13,12 +13,15 @@ const (
 	SupportMVS = "SupportMVS"
 	// SupportNewStorage is the feature gate for enabling the support for the new storage structure.
 	SupportNewStorage = "SupportNewStorage"
+	// SupportCheckSum is the feature gate for enabling the support for the checksum verification.
+	SupportCheckSum = "SupportCheckSum"
 )
 
 var (
 	features = map[string]bool{
 		SupportMVS:        false,
 		SupportNewStorage: false,
+		SupportCheckSum:   false,
 	}
 	mu sync.Mutex
 )