I have this same issue where I have an action as a pre-user registration action, which will return api.access.deny with a message.
And that message is not shown in my signup lock form, only the default message is shown.
It means I am not able to use Actions and I’ll have to keep using Rules which are able to send back a customised error message to the Lock/Universal Login.
EDIT: I did discover a way to show the error in the end for the old Lock Pre-Registration Action calls api.access.deny, how to show specific message in Universal Login - #4 by jesse2