Skip to content
Holding·last review10 Jun 2026

A 1-10 person team in 2026 has approved-tool unapproved-capability shadow AI running inside its already-approved SaaS estate (Notion AI agents, Slack AI, Microsoft 365 Copilot, Atlassian Intelligence, Google Workspace Gemini, Salesforce Einstein) at near-universal incidence, because the vendors have shipped these capabilities as on-by-default or low-friction add-ons inside the existing licence path. The three discovery signs (SaaS bill line items the founder does not remember approving; team-member mentions of new features inside existing tools; vendor admin console notifications advertising auto-enabled AI capabilities) are reliable triggers for a 60-minute audit (SaaS bill review, vendor admin console walk, team check-in) that produces a one-page inventory mapping each AI capability to the tool, activation date, current users, data scope, and team's explicit posture. The inventory is the artefact that answers client procurement questions about AI tool exposure and the basis for any disable-or-restrict decisions.

Re-review 10 Jun 2026: incidence leg confirmed current. Notion 3.3 shipped Custom Agents inside the existing licence path (release notes 24 Feb 2026) and extended them to private Slack channels (1 May 2026); Slack AI enabled at workspace level grants every paid seat access; 2026 admin guidance for Copilot, Gemini and Apple Intelligence describes embedded AI as arriving by default with disabling as the admin task. Notion restricts agent-creation controls to Business and Enterprise admins - a partial control, not default-off or per-workspace re-consent, so trigger (1) has not fired; triggers (2)-(4) silent on search. Audit instrument unchanged. Claim is scoped to the small-team operational layer of the intra-vendor shadow-AI problem covered for enterprise at AM-168. Asserts near-universal incidence for teams using mainstream SaaS tools in 2026 — does not assert every team is exposed to a harmful degree, only that the audit will find something in every team that has not run it. 30-day review cadence calibrated to vendor feature-release cycles. Trigger conditions: (1) a major SaaS vendor (Notion, Slack, Microsoft, Google, Atlassian, Salesforce) ships clearer default-off settings for new AI capabilities or per-workspace re-consent flows — would move toward Partial because the gap is closing structurally; (2) a small-business cyber-incident report or insurance bulletin traceable to an intra-vendor agent capability the team did not authorise — would confirm the operational exposure and harden the case-for-action; (3) a published change in the small-business AI compliance regime (EU AI Act guidance for SMB GPAI deployers, Colorado AI Act small-business provisions) requiring explicit consent for vendor-side AI capability changes — would change the operator's legal map; (4) emergence of an SMB-targeted shadow-AI discovery tool with intra-vendor capability coverage as a default feature — would change the discovery-instrument landscape.

Published
24 May 2026
Last reviewed
10 Jun 2026
Next review
+22d· 10 Jul 2026
Cohort
1-10 person team using mainstream SaaS tools (Notion, Slack, Microsoft 365 or Google Workspace, project tools, CRM, helpdesk) on paid client work without a dedicated IT or security function
Cadence
30-day
Sibling claim
AM-168Approved tool, unapproved capability: the 2026 shadow-AI gap your discovery playbook does not see
Embed this claimiframe + oEmbed
HTML iframe
Paste-the-URL (Substack, Medium, Notion, WordPress)

The card auto-updates when the claim's status, last-reviewed date, or correction log changes. Embedders never need to refresh — the card is rendered live from the canonical record.

Watch this claim

Email-me when OPS-075's status, next review date, or correction log changes. One email per change. No newsletter subscription, no other mail.

The claim: A 1-10 person team in 2026 has approved-tool unapproved-capability shadow AI running inside its already-approved SaaS estate (Notion AI agents, Slack AI, Microsoft 365 Copilot, Atlassian Intelligence, Google Workspace Gemini, Salesforce Einstein) at near-universal incidence, because the vendors have shipped these capabilities as on-by-default or low-friction add-ons inside the existing licence path. The three discovery signs (SaaS bill line items the founder does not remember approving; team-member mentions of new features inside existing tools; vendor admin console notifications advertising auto-enabled AI capabilities) are reliable triggers for a 60-minute audit (SaaS bill review, vendor admin console walk, team check-in) that produces a one-page inventory mapping each AI capability to the tool, activation date, current users, data scope, and team's explicit posture. The inventory is the artefact that answers client procurement questions about AI tool exposure and the basis for any disable-or-restrict decisions.

About this register

The Operators register tracks claims published from practitioner-advisory pieces addressed to solo founders, micro-SMB, and small businesses up to around fifty people. Claims are reviewed on a 30–45 day cadence — tooling and SMB-relevant pricing shift faster than enterprise procurement signals.

Recent corrections in Operators

  • OPS-068 · Partial · 17 Jun 2026

    Source-text re-review: the '$300-$500 (2024) toward $100-$130 (early 2026)' median trajectory is not stated in either cited source — the Godberry Studios teardown reports stack cost by revenue tier (not a year-over-year median) and BetterCloud's SaaS-industry data covers enterprise spend, not solopreneur AI subscriptions. The compression direction is supported by the Godberry tier data and observable foundation-model bundling; the specific year-anchored median figures are reclassified as source:our-estimate in the article. The load-bearing claim (active compression / category-collapse) holds; status moved to Partial pending a primary source carrying a dated solopreneur-median series.

  • OPS-051 · Partial · 10 Jun 2026

    One named member of the generation cluster was already defunct at publication: Tome shut down its presentation/narrative product (Tome Slides) in March 2025 and pivoted to sales tooling, with the brand later sold to AngelList (deckary.com shutdown timeline; signalhub.substack.com post-mortem, both checked 10 Jun 2026). The generation cluster reduces to Pitch + Gamma. The two-cluster thesis itself is unaffected and arguably strengthened — the pure AI-narrative product failed to find a sustainable business while Gamma (70M users, $100M ARR as of Nov 2025) and the assembly cluster (PandaDoc, Better Proposals, Proposify per Luniq 2026 agency comparison) both compound. Status Up → Partial for the factual error in the tool list.

  • OPS-022 · Partial · 10 Jun 2026

    Vendor attribution error in the claim text. The claim names Polley Faith among 'Spellbook with named small-firm customers Westaway, KMSC Law, Polley Faith'. Polley Faith LLP is a Harvey-listed law-firm customer, not a Spellbook customer: the live Spellbook site (now spellbook.com; spellbook.legal 301-redirects) names Westaway, KMSC Law, and McInnes Cooper with no Polley Faith, and the source article's own body correctly places Polley Faith on Harvey's roster — the claim text and the article excerpt bundled it with the wrong vendor at publish. The remaining legs verify against extracted source text on 10 Jun 2026: Anthropic's GC AI customer story carries 'More than 1,500 companies' and '14 hours saved per week on average ... based on a survey of more than 100 active customers' verbatim; Harvey's published roster (Thompson Hine, Fox Rothschild, Lowenstein Sandler, Polley Faith) matches; ABA Formal Opinion 512 remains the governance baseline. The corpus reading (AI ships at 1-to-20 lawyer scale; privileged work stays on Enterprise-tier zero-retention access) is unaffected. Status Up -> Partial.

Reviews coming up in Operators

  • OPS-030 · Holding · next +9d (27 Jun 2026)

    The fastest path for an owner-operator to build practical agentic-AI competence in 2026 is the three-week build-by-ship…

  • OPS-029 · Holding · next +9d (27 Jun 2026)

    For solo founders and small teams (under ~50 people) building with AI in 2026, the build-vs-buy decision tree has inver…

  • OPS-005 · Holding · next +9d (27 Jun 2026)

    At sub-1M tokens per month (typical SMB agent volume) in 2026, the absolute dollar gap between Claude Haiku 4.5, GPT-4o…