From a69d863d1faf9feec6bbb86d241f487f99c55ed3 Mon Sep 17 00:00:00 2001
From: Jordan Suber <38364814+Notoriousjayy@users.noreply.github.com>
Date: Sun, 18 Jan 2026 18:41:15 -0500
Subject: [PATCH] Autofix: Code scanning alert #3

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 scripts/apply_policy.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/scripts/apply_policy.py b/scripts/apply_policy.py
index e551698..99b9f82 100644
--- a/scripts/apply_policy.py
+++ b/scripts/apply_policy.py
@@ -66,7 +66,12 @@ def main() -> int:
 
     logging.basicConfig(level=logging.INFO, format="%(asctime)s %(levelname)s %(message)s")
 
-    cfg = json.loads(Path(args.config).read_text(encoding="utf-8"))
+    config_path = Path(args.config).expanduser().resolve()
+    if not config_path.is_file():
+        log.error("Configuration file does not exist or is not a file: %s", config_path)
+        return 1
+
+    cfg = json.loads(config_path.read_text(encoding="utf-8"))
 
     rest, _ = create_clients()
     sec = RepoSecurityClient(rest)