FLI AI安全指数

Winter2025 December 2025 Available online at:futureoflife.org/indexContact us:policy@futureoflife.org Contents 1Executive Summary21.1 Key Findings21.2 Company Progress Highlights and Improvement Recommendations41.3 Methodology61.4 Independent Review Panel72Introduction83Methodology93.1 Indicator Selection93.2 Company Selection123.3 Related Work123.4 Evidence Collection133.5 Grading143.6 Limitations144Results164.1 Key Findings164.2 Company Progress Highlights and Improvement Recommendations184.3 Domain-level findings205Conclusions25Bibliography26Appendix A: Grading Sheets27Risk Assessment29Current Harms42Safety Frameworks51Existential Safety66Governance & Accountability74Information Sharing and Public Messaging84Appendix B: Company Survey98Introduction98Whistleblowing policies (16 Questions)99External Pre-Deployment Safety Testing (6 Questions)104Internal Deployments (3 Questions)107Safety Practices, Frameworks, and Teams (9 Questions)108 1Executive Summary The Future of Life Institute's AI Safety Index provides an independent assessment of eight leading AI companies'efforts to manage both immediate harms and catastrophic risks from advanced AI systems. Conducted with anexpert review panel of distinguished AI researchers and governance specialists, this third evaluation reveals anindustry struggling to keep pace with its own rapid capability advances—with critical gaps in risk managementand safety planning that threaten our ability to control increasingly powerful AI systems. 1.1 Key Findings •The top 3 companies from last time, Anthropic, OpenAI and Google DeepMind, hold their position,with Anthropic receiving the best score in every domain. Anthropic has sustained its leadership in safetypractices through consistently high transparency in risk assessment, a comparatively well-developed safetyframework, substantial investment in technical safety research, and governance commitments reflected inits Public Benefit Corporation structure and support for state-level legislation such as SB 53. However, italso shows areas of deterioration, including the absence of a human uplift trial in its latest risk-assessmentcycle and a shift toward using user interactions for training by default. •There is a substantial gap between these top three companies and the next tier (xAI, Z.ai, Meta,DeepSeek, and Alibaba Cloud), but recent steps taken by some of these companies show promisingsigns of improvement that could help close this gap in the next iteration. The next-tier companies still facemajor gaps in risk-assessment disclosure, safety-framework completeness, and governance structures suchas whistleblowing policies. That said, several companies have taken meaningful steps forward: Meta’s newsafety framework may support more robust future disclosures, and Z.ai has indicated that it is developingan existential-risk plan. •Existential safety remains the sector’s core structural failure, making the widening gap betweenaccelerating AGI/superintelligence ambitions and the absence of credible control plans increasinglyalarming.While companies accelerate their AGI and superintelligence ambitions, none has demonstrateda credible plan for preventing catastrophic misuse or loss of control. No company scored above a D in thisdomain for the second consecutive edition. Moreover, although leaders at firms such as Anthropic, OpenAI,Google DeepMind, and Z.ai have spoken more explicitly about existential risks, this rhetoric has not yettranslated into quantitative safety plans, concrete alignment-failure mitigation strategies, or credible internalmonitoring and control interventions. •xAI and Meta have taken meaningful steps towards publishing structured safety frameworks, althoughlimited in scope, measurability, and independent oversight. Meta introduces a relatively comprehensivesafety framework with the only outcome-based thresholds, although its trigger for mitigation is set toohigh and decision-making authority remains unclear. Meanwhile, xAI has formalized its safety frameworkwith quantitative thresholds, but it remains narrow in risk coverage and does not specify how thresholdbreaches translate into mitigation mechanisms. •More companies have conducted internal and external evaluations of frontier AI risks, although the riskscope remains narrow, validity is weak, and external reviews are far from independent.Compared tothe last edition, xAI and Z.ai both shared more about their risk assessment processes, joining Anthropic,OpenAI and Google DeepMind. However, reviewers have pointed out that disclosures still fall short: keyrisk categories are under-addressed, external validity is not adequately tested, and external reviewers arenot truly “independent.” •Although there were no Chinese companies in the Top 3 group, reviewers noted and commendedseveral of their safety practices mandated under domestic regulation.Domestic regulations, includingbinding requirements for content labeling and incident reporting, and voluntary na