The hub.secret property needs far more explaining of how the secret is generated:

"The X-Hub-Signature header is generated by sha256(secret, notification_bytes)"

It should say something along the lines of

"The X-Hub-Signature header is generated by using HMAC sha256 with the provided secret being the one specified in hub.secret: hmac(sha256, hubsecret).hash(notificationbody)"