AI Safety Index 2025: A Worrying Assessment of AI Security

The Future of Life Institute has just published the 2025 edition of its AI Safety Index, a report assessing the safety practices of the leading companies developing advanced artificial intelligence.

The conclusions are unequivocal: no company achieves excellence in safety, and the industry as a whole remains dangerously ill-prepared for the existential risks that future AI systems could pose.

A disappointing overall ranking

Among the eight companies evaluated, none earns a perfect score. The best result goes to Anthropic with a modest C+, followed by OpenAI (C) and Google DeepMind (C-). The other players (xAI, Z.ai, Meta, DeepSeek, and Alibaba Cloud) receive notably lower grades, ranging from D to F.

This situation reveals that even the sector’s leading players sit at best in the middle of the pack. The AI industry, despite its ambitious stated goal of building ever more powerful systems, lacks the guardrails it needs.

Anthropic: the top student, but still not enough

Despite some criticisms, Anthropic remains the most responsible company according to the index. It stands out for solid governance (Public Benefit Corporation status), substantial efforts in safety research, a relatively developed safety framework, and transparent communication about risks.

However, notable weaknesses persist. The report specifically highlights the recent absence of trials on enhancing human capabilities within the risk assessment cycle, as well as a default to using user interactions for training the models.

The recommendations directed at Anthropic include formalizing measurable risk thresholds, documenting concrete mitigation mechanisms, improving the independence of external evaluations, and publishing a robust public version of its whistleblower policy.

OpenAI: progress, but a gap between rhetoric and practice

OpenAI stands out for a broader risk assessment process than some competitors and by publishing, uniquely among its peers, a whistleblower policy following its high-profile coverage.

Nevertheless, the report urges the company to go further: make its safety thresholds truly measurable and applicable, increase transparency with external audits, and above all align its public positions with its internal commitments.

Google DeepMind: timid advances

DeepMind shows progress in transparency, notably by completing the AI Safety Index questionnaire and sharing elements of its internal policy, such as its whistleblowing mechanism.

Nevertheless, weaknesses persist: risk assessment remains limited, the validity of external tests is judged weak, and the link between risk detection and the triggering of concrete measures remains unclear.

The other players: marginal efforts

Some firms have begun to improve their efforts. For example, xAI published a security framework for its “edge” AIs, and Meta formalized a framework with risk thresholds and risk modeling.

However, the assessments remain shallow or incomplete: risk coverage is narrow, thresholds are not credible, mitigation mechanisms are vague or absent, and internal governance is insufficient. Notably, there is an absence of whistleblower policy and a lack of clear authority in the event of risk triggering.

For the lower-ranked companies, notably DeepSeek and Alibaba Cloud, progress is very modest, primarily in publishing safety frameworks or participating in international standards.

The Achilles’ heel: existential safety

The report’s most troubling finding concerns existential safety, i.e., the ability to prevent major catastrophes such as loss of control or misalignment.

For the second edition in a row, no company scores above a D in this domain. This means that despite the ambitions expressed by some players to develop AGI or superintelligence within the decade, no credible and concrete plan to guarantee control or long-term alignment has been put in place.

A member of the expert panel describes this gap between the pace of technical innovations and the absence of a security strategy as deeply alarming.

This situation poses several major challenges:

A structural risk: If firms continue to develop AI without tangible existential-control plans, we could be heading toward systems whose behavior escapes governance, potentially posing a global danger.

A governance problem: The lack of a universal standard, independent oversight, or binding regulation makes AI safety dependent on corporate good faith.

A mismatch between ambition and preparation: Many players aim for AGI within the decade, but none demonstrate that they have contemplated, prepared, or translated this into concrete measures.

Recommendations of the report

In light of this assessment, the report lays out several recommendations for companies, regulators, and public decision-makers.

First, companies should move beyond intent statements and publish concrete, quantified, and measurable plans, with clear risk thresholds, alert mechanisms, mitigation protocols, and genuine internal governance—ideally with independent oversight.

Next, firms should publicly commit to adhering to common standards, for example by adopting the EU AI Act or a similar code of good practice, and by participating in global AI governance initiatives.

Finally, in the event of real intent to develop highly powerful AIs, actors must clarify their objectives and explain how they plan to ensure control, alignment, and the prevention of existential risks.

Methodological limitations

It should be noted that the evaluations rely on publicly available or documented materials. They are not secret internal audits, but observations of what the companies have publicly disclosed or stated officially. Consequently, the index measures what is known about practices, meaning that significant internal efforts could exist without being captured by this assessment.

Moreover, the 2025 edition covers practices up to early November 2025 and does not account for events, model launches, or announcements after that collection date.