The messaging-activemq subsystem exposes its subsystem module to the deployment classloader. According to comments, this was done to allow CDI to load the requisite portable extension to support JMSContext injection. This is a very bad idea, as the deployment can then access all of the subsystem internals (including its dependents).
The correct way to do this is to create a separate module containing userspace classes, including the CDI extension and its dependents. Only this module should ever be exposed to deployments.