That relies on a programmer doing the right thing and knowing when to use the escape valve. From the codebases I've seen, I don't trust humans in doing the right thing and being judicious with this. But it's a good point, knowing when to deviate from a pattern is a strong plus.
That's why code reviews exist, it's good process to make code reviews mandatory.
It's too much of a stretch to call null an escape hatch, or to pretend that code reviews will somehow strip it out.
The OpenJDK HashMap returns null from get(), put() and remove(), among others. Is this just because it hasn't been reviewed enough yet?
> pretend that code reviews will somehow strip it out.
Code reviews 'somehow' strip out poorly thought out new uses of escape hatches.
For your example, it would be an use of get, put or remove without checking the result.