6f4d7e6b5b
When a project is added/removed for any user, all users' Deny policies must be updated - new projects need to be added to other users' deny lists to prevent unauthorized cross-project access. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>