Attio has updated its permissions system to follow an additive model, where the most permissive grant always takes precedence regardless of whether it is set at the workspace, team, or individual level. Administrators can now start with restrictive defaults at the workspace level and selectively grant broader access to specific teams or individuals. Each permission level can only expand access, never restrict it further down the hierarchy. The update also changes how workflows handle permissions: they now inherit the workspace default again, which Attio says simplifies building workflows as human members and AI agents collaborate. Existing permission configurations remain unaffected by the change.