The permissions asymmetry is a real governance gap. Reviewing AI agent tooling at TechSifted, the ones that build in least-privilege patterns (explicit scope declaration, human-in-the-loop on destructive ops) are still a small minority. Most tools prioritize capability over containment. Worth tracking as an enterprise selection criterion.