diff --git a/backend/app/api/board_webhooks.py b/backend/app/api/board_webhooks.py
index 7a74a9ea..7b7709de 100644
--- a/backend/app/api/board_webhooks.py
+++ b/backend/app/api/board_webhooks.py
@@ -203,11 +203,13 @@ def _verify_webhook_signature(
     )
 
 
-_REDACTED_HEADERS = frozenset({
-    "x-hub-signature-256",
-    "x-webhook-signature",
-    "authorization",
-})
+_REDACTED_HEADERS = frozenset(
+    {
+        "x-hub-signature-256",
+        "x-webhook-signature",
+        "authorization",
+    }
+)
 
 
 def _captured_headers(request: Request) -> dict[str, str] | None:
diff --git a/backend/app/api/skills_marketplace.py b/backend/app/api/skills_marketplace.py
index 3cd0040b..5c9fe721 100644
--- a/backend/app/api/skills_marketplace.py
+++ b/backend/app/api/skills_marketplace.py
@@ -687,9 +687,7 @@ def _sanitize_field(value: str) -> str:
     Prevents prompt injection via skill name or URL fields that could break
     out of the structured data section into the instruction section.
     """
-    sanitized = "".join(
-        ch if ch.isprintable() and ch not in {"\n", "\r"} else " " for ch in value
-    )
+    sanitized = "".join(ch if ch.isprintable() and ch not in {"\n", "\r"} else " " for ch in value)
     # Normalize any runs of whitespace (including tabs) down to single spaces.
     sanitized = re.sub(r"\s+", " ", sanitized)
     return sanitized.strip()
diff --git a/backend/tests/test_security_fixes.py b/backend/tests/test_security_fixes.py
index 2195de87..6f65b0e4 100644
--- a/backend/tests/test_security_fixes.py
+++ b/backend/tests/test_security_fixes.py
@@ -494,5 +494,3 @@ class TestWebhookPayloadSizeLimit:
 # ---------------------------------------------------------------------------
 # Task 12: Gateway token redaction
 # ---------------------------------------------------------------------------
-
-