### Fixed
- `compose.py` — `_sanitize_required()` strips backticks (→ single-quotes) and collapses
  newlines from user-supplied required placeholder values, preventing Markdown injection
  into `AGENTS.md` via `REQUEST_SUMMARY` and similar fields.
- `eval-routing.py` — `extract_sentinel()` is now order-agnostic: `state=` and `verdict=`
  are parsed with independent sub-patterns so `CHIEF_EVAL: verdict=X state=Y` is accepted
  as well as the canonical `state=Y verdict=X` order.

### Tests
- 5 new unit tests for `_sanitize_required()` in `tests/unit/test_compose.py`.
- New `tests/unit/test_eval_routing.py` — 21 unit tests covering `extract_sentinel`,
  `evaluate`, `_parse_state`, and `_parse_verdict` via `importlib` (no package change needed).

---
