In late 2025, Amazon Web Services experienced a 13 hour outage. This outage was traced back to their internal AI system making infrastructure changes it had permission to make. The system didn’t malfunction nor did it go rogue. It simply acted within the authority it had been granted and yet, it led to worldwide outage affecting over 70,000 companies and leading to millions of dollars worth of productivity losses.
Months earlier, an AI developer reported that Replit's coding agent accidentally deleted a company's entire database which could be described as a catastrophic failure.
And just this past week, a director at Meta's SuperIntelligence Labs, shared that the AI agent she set up as an assistant, began to delete all her emails from her inbox.
Even though these are different companies using different tools, we are seeing similar outcomes. The most advanced organizations in the world, staffed by elite engineers and security professionals, are struggling with the same problem:
AI systems are being given more and more authority and the humans granting permission aren't taking the steps to contain them.
If companies with world-class talent are learning this lesson the hard way, smaller organizations should assume they too will be facing the same risk in the near future.
This is the beginning of what may grow into an AI Permission Crisis.
For decades, software followed a simple model. A user would make a decision, complete an action and the software would execute as expected. When a person presses send, we expect the message to be sent. Every meaningful action had a visible human control moment. Most of the outcomes are predictable.
Agentic AI changes that model completely.
New model: Human authorizes once → AI continuously makes decisions and takes action.
Now you can connect an agent to your inbox, CRM, or even computer systems. You define goals, then the agent makes multiple operational decisions on your behalf.
AI only becomes operationally valuable once it can act. With broad permissions, the AI agent will feel like magic. When tight permissions are set, AI feels less impressive, capable and more work to manage. Naturally, humans will opt for the path of least resistance. Unfortunately, it's a path that leads to more risk.
It’s easy to blame the AI agent or system for these incidents that occurred but that would be wrong and actually lazy. The AI agents are always behaving exactly as designed.
With AI being on the forefront of every business's collective mind, there is a lot of pressure for teams to start integrating and using AI as quickly as possible. The problem is that AI capabilities are expanding rapidly but humans are slowly adapting to them. The magic of AI agents is its ability to just do what we tell it to do. We implicitly trust that it will make the right decision. This often doesn't become dangerous until the system encounters an edge case and makes a decision on its own. The root cause for most AI incidents is humans not thinking through the risks of granting wide access to an AI Agent with a large set of capabilities. This is an Authority Gap.
Over-permissioning often doesn't happen in a single decision, it accumulates over time. Organizations optimize for speed because speed is measurable. The risk accumulates silently:
Then when an AI system acts exactly as authorized, everyone is surprised.
The real question isn’t “Is AI Safe?” The real question is “Is your organization designed to survive mistakes the AI system may make?”
AI systems optimize objectives, not consequences. They do not have a true understanding of your customer trust, contracts and operational nuance. Safety cannot live inside prompts or intentions. It must live in the system's design. When AI agents are going to do meaningful work, permission design becomes a leadership discipline.
Every workflow should have at least 3 categories:
The goal is not picture perfect automation, the goal is reversible mistakes.
Agentic systems remove visible decision points. You must intentionally design new ones.
Large enterprises at least have incident response teams. SMBs often do not. This means the same permission mistake can have a larger impact. The lesson from these AI incidents isn’t that AI is dangerous, it's that the natural human tendencies can lead to unintended consequences when it comes to AI. Smaller teams must design authority more intentionally because they often have fewer safety nets.
The AI Permission Crisis is not a reason to slow down. We just need to build differently. The organizations that avoid AI related incidents will not be the ones who completely avoid delegation, they will be the ones who design authority deliberately. When agents operate inside guardrails, failures stay small and are easy to recover from. There are less fires to fight and more time spent improving the system.
If you want an innovation partner to help you think through, design, and implement AI in your business, that’s what we do at madebygoodyutes. Reach out to schedule a 1:1 conversation and lets explore what working together could look like. We can map out where AI and automation can have the biggest impact in your business. You can learn more at www.madebygoodyutes.com.
