It was a bit of a stupid query - a 'lookupResources' for all resources to which a user had 'read' access on a resource that by default has wildcard permissions, which naturally is an insanely large list. We incorporate checks for these in our review process but it can and does happen that they slip through from time to time