What This Looks Like
A tool, connector, function, or integration can change state, send data, update records, trigger workflows, or perform actions without a clear responsible authority. The tool may be callable by an agent, but the system does not declare who owns the action, who approved it, or who can reverse it.
Why It Matters
Tools turn AI decisions into operational effects. If a tool can act without responsible authority, the workflow may allow state changes without accountability. This creates risk around permissions, approvals, audit trails, and recovery when something goes wrong.
Structural Signal
A tool action exists without a connected authority owner. The issue is not only that the tool can act; it is that the action is not governed by a declared approval or responsibility structure.
Common Triggers
- Tool access is granted broadly without action-level ownership
- The tool schema declares what can be done but not who authorizes it
- Agent permissions are inherited from a workspace or account
- Tool calls can modify state without a review gate
- Audit metadata records execution but not responsible authority
- The workflow treats tool availability as permission to act
When to Use This Issue
Use this Issue when a tool, connector, function, or integration can perform an action without a declared responsible owner, authority, or approval path.
When Not to Use This Issue
Do not use this Issue when the tool fails because of missing inputs or wrong schema. Do not use it when the authority is declared and the tool simply executes incorrectly.