I need to raise this as a critical issue rather than just an idea:

It seems that whenever new features are introduced (or existing ones are enhanced), permissions are automatically being enabled across existing roles without the account owner being notified or given the choice.

For example:

We carefully roll out features like the AI Agent for clients, with strict role-based access in place.

Later, we discover that team members or third-party users (who should have minimal permissions) suddenly have full access to make changes—simply because a new update gave them that ability by default.

📌 This has resulted in clients’ set-up work being disrupted multiple times a week.

This kind of behind-the-scenes change creates:

📌 Operational risk (users unintentionally breaking workflows)

📌 Security concerns (granting privileges that were never intended)

📌 A heavy management burden (we have to manually re-check permissions daily to ensure nothing broke).

Request:

Please, moving forward, do not auto-enable new permissions across existing roles. Instead:

📌 Default new permissions to “off” unless explicitly granted by the account admin

📌 Provide clear release notes or alerts so account owners can decide how and when to adjust access

Our customers are understandably upset when their workflows get disrupted, and it places avoidable strain on agencies and business owners trying to manage users responsibly. This feels like a bug in role/permission handling rather than a feature request.

Thank you for taking this seriously and helping us protect both our clients and your platform’s stability.