# Tool permission review risk brief

Use this brief before connecting an AI system to tools that can read sensitive records, update systems, send messages, or trigger downstream work. The goal is not to block tool use; it is to make authority explicit, reversible where possible, and observable when failures occur.

## Review sections

- Tool scope, credential owner, and action classes.
- Sensitive actions and required approvals.
- Dry-run, rollback, rate limit, and revocation controls.
- Audit evidence captured for every call.
- Release decision and named risk owner.
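
A minimal sketch of how the scope, approval, dry-run, rate-limit, revocation, and audit items above can be enforced at a single choke point in front of each tool call. This is an added example, not part of the original brief; the action class names, `ToolGrant`, `Gate`, and the audit record fields are assumptions made for illustration, and rollback is left to the tool itself.

```python
import time
from dataclasses import dataclass, field

# Action classes are an assumption of this example; the brief does not name them.
READ, WRITE, SEND = "read", "write", "send"

@dataclass
class ToolGrant:
    tool: str
    credential_owner: str
    allowed: frozenset          # action classes in scope for this tool
    needs_approval: frozenset   # sensitive classes that require a named approver
    max_calls_per_min: int
    revoked: bool = False       # flipping this is the revocation control
    _calls: list = field(default_factory=list)

class Gate:
    def __init__(self, clock=time.time):
        self.audit = []         # one record per call, allowed or denied
        self.clock = clock

    def call(self, grant, action, fn, args, approver=None, dry_run=False):
        now = self.clock()
        grant._calls[:] = [t for t in grant._calls if now - t < 60]
        if grant.revoked:
            decision = "deny:revoked"
        elif action not in grant.allowed:
            decision = "deny:out_of_scope"
        elif action in grant.needs_approval and not approver:
            decision = "deny:approval_required"
        elif len(grant._calls) >= grant.max_calls_per_min:
            decision = "deny:rate_limited"
        else:
            decision = "dry_run" if dry_run else "allow"
        result = None
        if decision == "allow":
            grant._calls.append(now)
            result = fn(**args)
        # Log argument names only, so sensitive values never enter the audit trail.
        self.audit.append({"ts": now, "tool": grant.tool, "owner": grant.credential_owner,
                           "action": action, "args": sorted(args), "approver": approver,
                           "decision": decision})
        return decision, result

if __name__ == "__main__":
    gate = Gate()
    grant = ToolGrant("mailer", "svc-mailer", frozenset({READ, SEND}), frozenset({SEND}), 2)
    print(gate.call(grant, SEND, lambda to: "sent", {"to": "ops"}, approver="alice", dry_run=True))
    print(gate.audit)
```

Denied and dry-run calls never invoke the tool but are still written to the audit list, so the evidence covers attempts as well as completed actions.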
