AWS to Quick admins: The access control didn't work, but you weren't using it anyway, so what's the problem?

ID: c84fcb6d-dff7-53ec-a7bd-9d0b01af0bba

STIX ID: report--c84fcb6d-dff7-53ec-a7bd-9d0b01af0bba

Feed Name: The Register (Security)

Threat Score: 55/100

Date Published: 2026-05-13

Date Updated: 2026-05-19

**Executive summary:** Fog Security disclosed an authorization bypass in Amazon Quick's AI Chat Agent that allowed authenticated users within a Quick account to circumvent administrator-set custom-permission denies and query agents potentially tied to customer data. AWS fixed the flaw rapidly but classified the issue as "severity: none" and issued no customer notification, raising concerns about access-control design and incident communication.