diff --git a/CODE_GUIDELINES.md b/CODE_GUIDELINES.md
index c87be41..fb7bc23 100644
--- a/CODE_GUIDELINES.md
+++ b/CODE_GUIDELINES.md
@@ -1672,7 +1672,7 @@ end
 
 - Allows CRUD operations without an actor in **test environment only**
 - Denies all operations without an actor in **production/dev** (fail-closed)
-- Uses both compile-time and runtime guards to prevent accidental production use
+- Uses compile-time config check to prevent accidental production use (release-safe)
 
 **Security Guards:**
 
@@ -1720,8 +1720,8 @@ Ash.create!(Member, attrs, actor: system_actor)
 
 **Testing:**
 
-- NoActor tests verify both compile-time and runtime guards
-- Tests ensure NoActor returns `false` in non-test environments
+- NoActor tests verify the compile-time config guard
+- Production safety is guaranteed by config (only set in test.exs, defaults to false)
 - See `test/mv/authorization/checks/no_actor_test.exs`
 
 ### 5.2 Password Security