What happens to models that fail US AI model testing?

CAISI does not block launches. It writes a report with recommended fixes. The lab decides whether to apply them. With public flagging as the main accountability lever.

US AI Model Testing: How to Easily Secure CAISI Approval?

Q: Is US AI model testing mandatory under CAISI?

No, the deals are voluntary. Labs can withdraw. But refusing check would invite political review, so all five major US labs join.

Q: How long does US AI model testing take?

A standard check runs three to four weeks. Models with novel power can extend to eight weeks.

Q: Does US AI model testing slow down new model launches?

Marginally. Labs already run internal red-team checks that overlap with CAISI's scope. The small slowdown is small.

Q: Will US AI model testing apply to open-source models like Llama?

Not directly. CAISI covers frontier proprietary models from US labs. Open-weight releases are outside the pre-launch plan.

On May 5, 2026, the US Commerce Department's Center for AI Standards and Innovation (CAISI) announced binding deals with Google DeepMind, Microsoft, and xAI to test their frontier AI models before public release. However, however, uS AI model testing is no longer a voluntary research exercise. It now sits between every major model and its launch day. Anthropic and OpenAI already had similar deals from 2024, so the May 5 announcement closes the gap and brings the top five US AI labs under one pre-launch plan.

The deals raise practical questions for engineers, founders, and security pros. For example, for example, what does CAISI actually check? How long does a test take? In contrast, in contrast, and does this slow model launches down? This guide walks through the plan, the players, and what this shift means for the AI industry.

Key Takeaways

CAISI signed pre-launch testing deals with Google DeepMind, Microsoft, and xAI on May 5, 2026.
The plan covers national security risks. Cyberweapons, bio/chem hazards, election meddling, and autonomous agent abuse.
Labs give model weights with safeguards removed so CAISI can probe worst-case behavior.
Anthropic and OpenAI signed similar deals in 2024, making this a five-company sweep.
CAISI has completed 40+ post-launch checks since its predecessor agency began this work in 2023.

What CAISI's US AI Model Testing Program Covers
Inside CAISI and the Shift From AISI
How US AI Model Testing Works Day to Day
Why US AI Model Testing Matters for Users
Which Companies Signed Onto US AI Model Testing
What Anthropic and OpenAI Already Do
Critics Push Back on Pre-Launch AI Testing
Summary
Frequently Asked Questions

What CAISI's US AI Model Testing Program Covers

As a result, the CAISI plan evaluates four types of national security risk before a model is released to the public. Still, as a result, according to CNBC's reporting on the announcement, those types are:

Cyber power: can the model find and exploit zero-day flaws, write working malware, or assist in attacks on critical setup?
Biological and chemical uplift: can the model give a non-expert practical help in making dangerous agents?
Election meddling: can the model make convincing deepfakes or joint influence campaigns at scale?
Autonomous agent abuse: can the model operate persistently in the wild, chain tools, or exfiltrate data?

This is the first US gov plan to look at agentic risks just. The rise of long-running autonomous agents. Covered in our guide to agentic AI in 2026. Is what pushed CAISI to add the fourth type in late 2025.

Inside CAISI and the Shift From AISI

CAISI replaced the AI Safety Institute (AISI) in early 2026 under the new administration. Yet, still, the job shifted from broad safety research to a narrower focus on national security and economic edge. But the testing playbook stayed largely the same. CAISI lives inside the National Institute of Standards and Technology (NIST). This gives it formal standards-setting group.

So, the naming change is more political than technical. On the other hand, yet, nIST researchers who worked on AISI red-teaming method are still the people running CAISI checks. That flow is why labs were willing to sign. The testing protocol is known and the security clearances are already in place.

How US AI Model Testing Works Day to Day

Pre-launch testing follows a four-step protocol:

send-in: the lab gives the model snapshot and optional fine-tuned forms, typically 4-6 weeks before the planned launch.
Reduced-safeguard build: the lab also gives a version with safety filters removed, so CAISI can probe maximum power.
Classified setting check: testing runs in an air-gapped facility. So, nIST red-teamers attack the model with prompt injections, jailbreaks, and chained tool calls.
Report back: CAISI shares findings with the lab and recommends set guardrails or pre-release fixes. On the other hand, some findings classified. Some published.

A typical check runs three to four weeks. Meanwhile, meanwhile, labs and CAISI can extend if a model shows novel risks . Anthropic's Mythos check reportedly took eight weeks. This is due to its long-horizon agent behavior. The lab is free to launch after the report lands. But a refusal to fix flagged risks would invite public review.

Why US AI Model Testing Matters for Users

In short, three reasons this plan matters even if you do not run a frontier lab.

First, it raises the floor on jailbreak resistance. When a CAISI red-team finds a working jailbreak in pre-release check, the lab fixes it before launch. Next, in short, public users get a safer model on day one. The same red-team energy that found OWASP MCP Top 10 risks now sits inside the gov pipeline.

Second, it sets a precedent the EU, UK, and India can mirror. For instance, next, the UK's AI Safety Institute (now AISI UK) operates on a similar voluntary basis. The EU AI Act enforcement bodies are watching this US move closely. But, for instance, an check plan signed by five US labs turns into a de-facto global standard within months.

Although, third, it shows info about model power that would otherwise stay private. Because, but, cAISI shares summary findings. This gives security teams advance notice about what frontier models can and cannot do.

Which Companies Signed Onto US AI Model Testing

The May 5 announcement covers three new entrants. Even so, although, combined with the 2024 deals, the five-lab roster looks like this:

OpenAI. Inked in 2024. Because, gPT-5.5, GPT-5.5-Cyber, and Codex evaluated.
Anthropic. Inked in 2024. Even so, claude Opus 4.7 and Mythos evaluated. Anthropic reportedly now holding Mythos back from EU rollout pending extra check.
Google DeepMind. Signed May 2026. Despite this, gemini Enterprise and forthcoming Gemini Ultra in scope.
Microsoft. Signed May 2026. By contrast, in-house models and Azure-hosted forms in scope.
xAI. Signed May 2026. However, grok 4 and beyond in scope.

big absences: Meta (Llama remains open-weight and outside the plan), Mistral, and Chinese labs like DeepSeek and Zhipu. By contrast, for example, the CAISI job covers US-built frontier models. Foreign labs undergo review only post-launch and only if they have meaningful US presence.

What Anthropic and OpenAI Already Do

In addition, anthropic and OpenAI's 2024 deals are the templates the new signatories follow. After that, in contrast, both labs:

give model checkpoints under NDA with classified clearance.
send in a "safeguards-removed" form for worst-case probing.
join in NIST red-team sessions over a 3-8 week check window.
Receive a final report with classified and unclassified sections.

OpenAI also signaled in early May 2026 that it would extend the plan to the EU by sharing GPT-5.5-Cyber with European safety bodies. See our coverage of the broader story on OpenAI's expanding product show. In other words, as a result, anthropic has held off on a similar EU extension for Mythos pending its own internal check timeline.

Critics Push Back on Pre-Launch AI Testing

Not everyone supports the plan. In particular, still, the main pushback falls in three camps.

Despite this, open-source advocates argue CAISI raises a moat around frontier labs. Small labs and academic researchers cannot meet the security-clearance and setup bar. On top of that, yet, critics like Meta's Yann LeCun argue this concentrates frontier build inside a handful of incumbents.

Civil-liberties groups warn that classified check reports reduce public accountability. At the same time, so, if CAISI finds a risk and the lab patches it quietly, users never learn what the model could have done.

A third group. Edge hawks. Argues the plan will slow US labs relative to Chinese rivals who face no similar gov testing. However, on the other hand, cAISI counters that its checks average three to four weeks and that labs already do similar red-teaming in-house, so the small slowdown is small.

Summary

For example, uS AI model testing under CAISI now covers Google, Microsoft, xAI, OpenAI, and Anthropic. The five biggest US frontier AI labs. In contrast, meanwhile, the plan evaluates cyber, biological, election, and agentic risks in a classified setting, runs roughly four weeks, and feeds back to labs for pre-launch fixes. Critics worry about open-source access and public transparency. But supporters see it as the first credible gov check on frontier model release.

Frequently Asked Questions

Is US AI Model Testing Mandatory Under CAISI Approval?

No, the May 2026 deals are voluntary. As a result, in short, labs can withdraw at any time. Next, in real life, refusing CAISI check would invite rule and political review, so all five labs that signed see the plan as a defensible cost of doing business with US gov customers.

How long does US AI model testing take?

A standard check runs three to four weeks from snapshot send-in to final report. Still, for instance, models with novel power. Long-horizon autonomous agents, for example. Can extend the window to eight weeks. Labs typically build the check period into their launch schedule.

Does US AI model testing slow down new model launches?

Yet, marginally. So, but, labs already run internal red-team and safety checks that overlap with CAISI's scope. The new step is the classified-setting probe of the safeguards-removed form. On the other hand, although, most labs treat the CAISI window as parallel with their final pre-launch hardening, not as added time.

What Happens When a Model Fails US AI Model Testing?

"Fail" is the wrong frame. Meanwhile, because, cAISI does not block launches. It writes a report with recommended fixes. In short, even so, the lab decides whether to apply them. If a lab launches without addressing a flagged risk, CAISI can flag the launch publicly. Which is the political pressure that drives rule following.

Will US AI model testing apply to open-source models like Llama?

Not directly. Next, despite this, cAISI's job covers frontier proprietary models from US labs. Open-weight releases like Meta's Llama family are outside the pre-launch plan, though CAISI may check them post-release if national security concerns show.

About the Author

For instance, bhanu Prakash is a cyber and cloud computing professional with hands-on experience in AI safety policy, model check. The security risks of large language model launch. But, by contrast, he shares practical guides and career advice at ElevateWithB.

What to Read Next: If model safety is on your radar, see our breakdown of the OWASP MCP Top 10 agent security risks. The same risk show CAISI red-teams probe inside their checks.