Under GDPR, you have to ensure you gather consent properly. If your tools are not equipped to deal with that, that's your problem, not the tool's author's.
You seem to imply that consent is required. Consent is not required if you are not gathering data that needs to be consented to.
If my tools are gathering data behind my back and not telling me, that is troubling. I should not be liable for this, as it is an abuse of trust that would result in me no longer using the tool had I known prior.
If you can't ensure the tools you use are not fucking your customers over, you shouldn't be using those tools.
Sure if you did the due diligence, and they actually hid that they use cookies[0], both in their documentation and technically while you were developing, then enabled them in production, where you missed them, sure. But most don't hide they use cookies, not in documentation and not while developing.
[0] By cookies I mean anything that would require consent
Yes, using 3rd party tools that you don't fuly understand should not be a plausible deniability shield. Otherwise, everyone with intent would be hiding behind it.
> If my tools are gathering data behind my back and not telling me, that is troubling. I should not be liable for this, as it is an abuse of trust that would result in me no longer using the tool had I known prior.
Well, you can sue tool makers if they lied to you.
But ability to just say "but I didn't know" would be catastrophic to any accountability, as nobody would even read a manual to be able to plausibly claim that they didn't knew.
In similar way you can't go shoplifting then claim you didn't know that was a crime.
If my tools are gathering data behind my back and not telling me, that is troubling. I should not be liable for this, as it is an abuse of trust that would result in me no longer using the tool had I known prior.