Defense-in-Depth Independence Assumption Failure

• Entity ID: ent-20260423-p3a00000000b
• Type: concept
• Scope: private
• Status: active

Description

The paper's critique that Claude Code's layered safety architecture rests on an independence assumption (if one layer fails, others catch the violation) that can be violated when layers share common performance/economic constraints. Adversa.ai (2026) documented that commands with more than 50 subcommands fall back to a single generic approval prompt instead of per-subcommand deny-rule checks, because per-subcommand parsing caused UI freezes. Demonstrates that defense-in-depth fails when performance pressure degrades multiple layers simultaneously.

Key claims

• Defense-in-depth fails when layers share performance constraints
• Approval-fatigue reframes safety as a human-factors problem

Relations

• Defense-in-Depth Independence Assumption Failure --[informs]--> Architectural Convergence Thesis

Sources

src-20260423-0cff68d3291b