Add access review certifier evidence gates by tick25108-cpu · Pull Request #1168 · UnitOneAI/SecuritySkills

tick25108-cpu · 2026-06-05T21:18:53Z

Summary

Addresses #1159 for the access-review skill.

This update adds certifier eligibility checks to the existing access review flow:

distinguishes tracked, authorized, time-bounded delegation from untracked or out-of-scope delegation
adds self-review and conflicted-certifier checks for users who certify their own access or can modify the same access they approve
adds required evidence fields for reviewer of record, actual certifier, delegation scope, decision timestamp, admin authority, and independence exceptions
marks certification completion as provisional when approve/revoke decisions exist but certifier eligibility is not evidenced
adds certifier independence metrics to the summary report and retention requirements for eligibility/delegation evidence

Submitting this as an Improver contribution under the repository contribution guidelines.

Add access review certifier evidence gates

850217b