CODE_GUIDELINES.md

@@ -1677,16 +1677,16 @@ end
 **Security Guards:**
 
 ```elixir
-# Compile-time guard
-@allow_no_actor_bypass Mix.env() == :test
+# config/test.exs
+config :mv, :allow_no_actor_bypass, true
 
-# Runtime guard (double-check)
+# lib/mv/authorization/checks/no_actor.ex
+# Compile-time check from config (release-safe, no Mix.env)
+@allow_no_actor_bypass Application.compile_env(:mv, :allow_no_actor_bypass, false)
+
+# Uses compile-time flag only (no runtime Mix.env needed)
 def match?(nil, _context, _opts) do
-  if @allow_no_actor_bypass and Mix.env() == :test do
-    true  # Only in test
-  else
-    false  # Production/dev - fail-closed
-  end
+  @allow_no_actor_bypass  # true in test, false in prod/dev
 end
 ```
 
@@ -1694,7 +1694,8 @@ end
 
 - Test fixtures often need to create resources without an actor
 - Production operations MUST always have an actor for security
-- The double guard (compile-time + runtime) prevents config drift
+- Config-based guard (not Mix.env) ensures release-safety
+- Defaults to `false` (fail-closed) if config not set
 
 **NEVER Use NoActor in Production:**