AI generated an IAM trust policy for me that looked perfect — correct syntax, right structure, passed review. Except the OIDC sub condition was scoped to the entire org instead of the specific repo. Any workflow in the org could assume the role. Took a week to catch it because it "worked."
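An added example, not from the original post: the over-broad trust policy beside the correctly scoped one, plus a small linter that flags a `sub` condition which matches a whole org rather than one repo. It assumes the provider is GitHub Actions (`token.actions.githubusercontent.com`), which the post does not name explicitly; the org, repo, branch and account ID are placeholders.

```python
"""Lint an IAM role trust policy for an over-broad GitHub Actions OIDC `sub` condition.

Added example, not from the original post. Assumes the OIDC provider is GitHub Actions
(token.actions.githubusercontent.com); org, repo, branch and account ID are placeholders.
"""
import json
import re

GITHUB_OIDC = "token.actions.githubusercontent.com"
SUB_KEY = f"{GITHUB_OIDC}:sub"
AUD_KEY = f"{GITHUB_OIDC}:aud"

# Constructed "before": StringLike on repo:<org>/* lets every repo in the org assume the role.
WEAK_TRUST_POLICY = """{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"Federated": "arn:aws:iam::123456789012:oidc-provider/token.actions.githubusercontent.com"},
    "Action": "sts:AssumeRoleWithWebIdentity",
    "Condition": {
      "StringEquals": {"token.actions.githubusercontent.com:aud": "sts.amazonaws.com"},
      "StringLike":   {"token.actions.githubusercontent.com:sub": "repo:example-org/*"}
    }
  }]
}"""

# Constructed "after": sub pinned to one repo and one branch, so only that workflow matches.
FIXED_TRUST_POLICY = """{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"Federated": "arn:aws:iam::123456789012:oidc-provider/token.actions.githubusercontent.com"},
    "Action": "sts:AssumeRoleWithWebIdentity",
    "Condition": {
      "StringEquals": {
        "token.actions.githubusercontent.com:aud": "sts.amazonaws.com",
        "token.actions.githubusercontent.com:sub": "repo:example-org/example-repo:ref:refs/heads/main"
      }
    }
  }]
}"""


def _as_list(value):
    """IAM lets most fields be a single string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def _condition_values(condition, key):
    """Collect every value bound to `key` across the String* condition operators."""
    values = []
    for operator, clauses in condition.items():
        if operator.startswith("String") and key in clauses:
            values.extend(_as_list(clauses[key]))
    return values


def lint_trust_policy(policy_json):
    """Return findings for each GitHub OIDC AssumeRoleWithWebIdentity statement.

    An empty list means every such statement pins `aud` and pins `sub` to a single
    owner/repo. HIGH findings are org-wide or wider; LOW means repo-wide (any ref).
    """
    findings = []
    policy = json.loads(policy_json)
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        if "sts:AssumeRoleWithWebIdentity" not in _as_list(stmt.get("Action", [])):
            continue
        principal = stmt.get("Principal", {})
        federated = _as_list(principal.get("Federated", [])) if isinstance(principal, dict) else []
        if not any(GITHUB_OIDC in p for p in federated):
            continue  # not a GitHub OIDC statement
        cond = stmt.get("Condition", {})
        if "sts.amazonaws.com" not in _condition_values(cond, AUD_KEY):
            findings.append(f"HIGH: statement {i} aud is not pinned to sts.amazonaws.com")
        subs = _condition_values(cond, SUB_KEY)
        if not subs:
            findings.append(f"HIGH: statement {i} has no {SUB_KEY} condition: any GitHub repository can assume the role")
        for sub in subs:
            # GitHub sub claims look like repo:<owner>/<repo>:<ref or environment selector>
            m = re.fullmatch(r"repo:([^/:]+)/([^:]+)(?::(.*))?", sub)
            if not m:
                findings.append(f"HIGH: statement {i} unrecognised sub pattern {sub!r}")
                continue
            owner, repo, rest = m.groups()
            if any(ch in owner for ch in "*?"):
                findings.append(f"HIGH: statement {i} sub {sub!r} matches any GitHub owner")
            elif any(ch in repo for ch in "*?"):
                findings.append(f"HIGH: statement {i} sub {sub!r} matches every repo in {owner}")
            elif rest == "*":
                findings.append(f"LOW: statement {i} sub {sub!r} matches every branch, tag and environment of {owner}/{repo}")
    return findings


if __name__ == "__main__":
    for name, policy in (("weak", WEAK_TRUST_POLICY), ("fixed", FIXED_TRUST_POLICY)):
        print(name, lint_trust_policy(policy) or "clean")
```

Running the linter in CI against `aws iam get-role --query Role.AssumeRolePolicyDocument` output would have flagged the `repo:example-org/*` pattern immediately, which is exactly the case the post describes: syntactically valid, functionally "working", and open to every workflow in the org.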