I would make

$admin->add_user(...);
[download]

so that the user who wants to add another has to login! And possibly remember which user was created from whom. But My::Authentication->add_role($role) is ok.