I noticed that when performing some operations, like setting up governance datasets, the instance is not required to be specified when using a token. This is quite dangerous, as a simple error of copying and pasting the wrong token can cause a major data breach for individuals working in multiple instances. It should be required to specify the instance wherever possible, as the second part of the credential.
Note - It should not mean the action must be taken on that particular instance, but just as a confirmation that the access token being used is for the stated instance. The governance datasets are a great test for this issue. It's ok to be able to bring governance data into a different instance so that metadata can be managed centrally, but it should not be possible to bring in the wrong instance's data. As of today, that mistake is possible and easy to make.