Currently, execute permissions can be removed entirely, which allows an action to be saved with no execute permissions at all. We need a product safeguard to prevent this by either:

Disallowing actions from being saved without any execute permissions, or

Automatically retaining the Admin role as a default execute permission.