Anthropic's guide to using LLMs for source code security is well-designed for finding known vulnerability patterns. But source code bugs are not configuration posture, not compound risk, and not intent verification. Treating one class as the whole problem leaves the others invisible.