Wallet protection is important, but detecting resource-computation circular dependencies is not less important even if it does not cost too much for a while. Whenever there are circular dependencies there is trouble ahead even if we might not know yet what kind of trouble it is going to be. In your case, if I’ve got it correctly, this is what happened:
Prior architectural analysis will not provide a 100% protection since that was a configuration mistake. To detect circular dependencies at run-time, some system-level auditing/monitoring solution is required. I don’t know if Epsagon and the like are looking at this direction, but any non-trivial Serverless system will sooner or later fail into the circular dependencies trap. Just a matter of time.