> Should that also be treated as a policy violation? This is clearly intentional.

I believe what’s described in the Qrator article could be a leaking route optimizer (like Noction) not a new hijack type.