When a flow is created with connections both to on-premise systems and cloud based systems there is a risk of data leakage.
For example let's say that a flow gets data from a SharePoint site and exports it to a SQL Server database in the cloud. Let's suppose that this flow runs everytime a file is uploaded on a SharePoint library.
If the flow is assigned to several owners and one of them leaves the company this guy will loose access to the on-prem SharePoint but not to the database that is in the cloud. The flow can continue running and copy data to the external database without no one being aware.
To prevent that from happening I suggest that a special permission is given to the SQL Server connector : allow connection to cloud base databases or not. This permission would be manage by company administrators at the same level than Data Loss Policies.