Holding · last review 24 May 2026

A 1-10 person team in 2026 has approved-tool unapproved-capability shadow AI running inside its already-approved SaaS estate (Notion AI agents, Slack AI, Microsoft 365 Copilot, Atlassian Intelligence, Google Workspace Gemini, Salesforce Einstein) at near-universal incidence, because the vendors have shipped these capabilities as on-by-default or low-friction add-ons inside the existing licence path. The three discovery signs (SaaS bill line items the founder does not remember approving; team-member mentions of new features inside existing tools; vendor admin console notifications advertising auto-enabled AI capabilities) are reliable triggers for a 60-minute audit (SaaS bill review, vendor admin console walk, team check-in) that produces a one-page inventory mapping each AI capability to the tool, activation date, current users, data scope, and team's explicit posture. The inventory is the artefact that answers client procurement questions about AI tool exposure and the basis for any disable-or-restrict decisions.

Claim is scoped to the small-team operational layer of the intra-vendor shadow-AI problem covered for enterprise at AM-168. Asserts near-universal incidence for teams using mainstream SaaS tools in 2026 — does not assert every team is exposed to a harmful degree, only that the audit will find something in every team that has not run it. 30-day review cadence calibrated to vendor feature-release cycles.

Trigger conditions:

  (1) a major SaaS vendor (Notion, Slack, Microsoft, Google, Atlassian, Salesforce) ships clearer default-off settings for new AI capabilities or per-workspace re-consent flows — would move toward Partial because the gap is closing structurally;

  (2) a small-business cyber-incident report or insurance bulletin traceable to an intra-vendor agent capability the team did not authorise — would confirm the operational exposure and harden the case-for-action;

  (3) a published change in the small-business AI compliance regime (EU AI Act guidance for SMB GPAI deployers, Colorado AI Act small-business provisions) requiring explicit consent for vendor-side AI capability changes — would change the operator's legal map;

  (4) emergence of an SMB-targeted shadow-AI discovery tool with intra-vendor capability coverage as a default feature — would change the discovery-instrument landscape.

Published: 24 May 2026
Last reviewed: 24 May 2026
Next review: +29d · 23 Jun 2026
Cohort: 1-10 person team using mainstream SaaS tools (Notion, Slack, Microsoft 365 or Google Workspace, project tools, CRM, helpdesk) on paid client work without a dedicated IT or security function
Cadence: 30-day
Sibling claim: AM-168 · Approved tool, unapproved capability: the 2026 shadow-AI gap your discovery playbook does not see

Watch this claim

Email me when OPS-075's status, next review date, or correction log changes. One email per change. No newsletter subscription, no other mail.


About this register

The Operators register tracks claims published from practitioner-advisory pieces addressed to solo founders, micro-SMB, and small businesses up to around fifty people. Claims are reviewed on a 30–45 day cadence — tooling and SMB-relevant pricing shift faster than enterprise procurement signals.

Recent corrections in Operators

  • OPS-036 · Partial · 29 Apr 2026

    Initial publication 29 Apr 2026. Status set to Partial at publication because clause 6 commentary references an order-of-magnitude remediation-cost gap derived from the IAPP 2024 AI Governance Profession Report; the report characterises the gap as material but does not publish a precise multiple, so the wording is annotated source: our-estimate.

  • OPS-035 · Holding · 29 Apr 2026

    Initial publication 29 Apr 2026. Status set to Partial at publication because category 5 lacks the same regulatory/cited-consequence anchor as categories 1-4.

  • OPS-034 · Holding · 29 Apr 2026

    Initial publication 29 Apr 2026 with status=partial. Cost-side claims (vendor pricing) verifiable against the four cited pricing pages on the publication date. Time-recovery claim (90+ min compressed to ~20 min) drawn from published productivity-blogger benchmarks rather than Peter-run measurement; first-cohort replication on the publication's tracked operator cohort due by 13 Jun 2026.

Reviews coming up in Operators

  • OPS-005 · Holding · next +1d (26 May 2026)

    At sub-1M tokens per month (typical SMB agent volume) in 2026, the absolute dollar gap between Claude Haiku 4.5, GPT-4o…

  • OPS-003 · Holding · next +1d (26 May 2026)

    For a solo founder choosing exactly one consumer AI subscription at around $20/month in 2026, the choice between Claude…

  • OPS-002 · Holding · next +1d (26 May 2026)

    For a 5-person consultancy already on either Notion or ClickUp in 2026, the AI features alone do not justify a workspac…