Skip to content
AI SecurityLLMDual Use

No AI lab scores above C+: what the FLI Safety Index means for enterprise AI risk

4 min read
Share

The Future of Life Institute published its Summer 2026 AI Safety Index on July 7, evaluating nine major AI labs on risk management, transparency, governance, and whether they actually honor their own safety commitments. The results are not encouraging. The highest score earned by any company was a C+. Most earned a D or F. No company earned an A or B. Here is what the index found, and what it means if you are a security practitioner building on or deploying these systems.

The grades

Anthropic received a C+ and ranked highest overall. The index notes Anthropic leads five of six evaluated domains, with relatively strong transparency, a more established safety framework, technical safety research, and governance structure compared to peers. OpenAI received a C, leading on risk assessment due to a broader evaluation suite and diverse external testing engagement. Google DeepMind also received a C. Meta received a D+, improving from 6th to 4th place relative to the prior index. xAI, DeepSeek, and Mistral all received F grades. Z.ai and Alibaba Cloud received D-.

The index evaluated nine labs in total: Anthropic, OpenAI, Google DeepMind, Meta, Z.ai, Alibaba Cloud, xAI, DeepSeek, and Mistral. The full 2026 report is available at futureoflife.org.

What changed between 2025 and 2026

The most significant finding is not the letter grades. It is what the reviewers documented about commitment rollbacks. Between 2024 and 2026, four of the major labs including Anthropic, OpenAI, Google DeepMind, and Meta weakened or eliminated earlier commitments to pause AI development if their systems approached specified danger thresholds. These pause commitments were previously described by those companies as a meaningful safety guardrail.

Military use prohibitions, which were standard in the terms of service and public safety commitments of major labs as recently as 2023, have been successively reversed between 2024 and 2026. Companies that previously prohibited military applications have expanded defense cooperation arrangements. The index reviewers characterize this as a systemic pattern, not individual policy decisions, reflecting competitive pressure overriding earlier safety stances.

Why this matters for enterprise AI risk

Security practitioners tend to focus on AI risks at the application layer: prompt injection, data exfiltration via AI agents, model inversion attacks, insecure tool permissions. The FLI index points to a different layer of risk that gets less attention in operational security programs: the governance and integrity of the AI infrastructure layer itself.

When an organization deploys an AI system as a trusted workflow component, integrating it with production data, internal tooling, and decision workflows, it is implicitly extending trust to the lab that built and operates that model. The FLI index is a structured attempt to measure whether that trust is warranted. The finding that no lab scores above a C+ means there is a significant gap between the trust organizations extend to these systems and the measured safety and governance rigor of the vendors supplying them.

This does not mean organizations should stop using AI systems. It means AI risk assessments should account for vendor governance quality as a factor, alongside technical controls, just as they account for vendor financial stability, compliance certifications, and breach history. The FLI index is now a useful input to that assessment.

What you can actually do with this

First, read the index directly. The full report scores each lab across six dimensions: risk assessment, safety framework, transparency, governance, technical safety research, and the degree to which they honor their commitments. The domain-level scores are more useful for vendor selection than the overall letter grade. If your primary AI vendor scores poorly on transparency, that is relevant to your incident response planning. If they score poorly on risk assessment, that is relevant to your evaluation of how seriously they will respond to a discovered vulnerability in their systems.

Second, treat AI vendor safety posture as a procurement consideration, not just a marketing signal. The rollback of pause commitments and military use prohibitions documented in the index is relevant information for organizations with regulatory obligations around dual-use technology or defense-related data handling.

Third, do not assume vendor safety marketing reflects measured safety governance. The gap between stated commitments and the index scores is the key data point the FLI index provides.

Gigia Tsiklauri is a Security Architect and founder of Infosec.ge. Get in touch if you want to discuss AI risk frameworks or how to incorporate vendor safety assessments into your procurement process.