Using a well-timed screenshot and my phone's cache, I was able to recover some of the since-deleted tweet from Jeremy Lewin, where he admitted that the government sees the new OpenAI contract language as just "memorializing" a vague "commitment" rather than drawing any real new lines.
This argument is outlined here www.lesswrong.com/posts/4ZzefK...
As someone who is not a fan of @anthropic.com...I think you should use Claude.
Stephen Casper (MIT) on stage speaking
We almost certainly won't make AI safe by making safe AI.
Others are still going to create unsafe AI.
β @scasper.bsky.social at #IASEAI2026 Open-Weight AI Risk Management Workshop
I led one of the discussion groups and we had some nice new ideas of how to make open weight models safe π
Given:
1. Last summer, frontier closed-weight model devs started to share warnings about nasty model capabilities.
&
2. Open-weight models are a few months behind closed ones.
We should not be surprised if there is a big cyber/terror incident enabled by a powerful open-weight AI model in 2026.
The 2025 AI Agent Index is now available on arXiv.
arxiv.org/abs/2602.17753
x.com/StephenLCas...
If you're responding to @facct.bsky.social rebuttals this week, feel free to use my rebuttal template.
docs.google.com/document/d/...
Paper link might be broken. Here is the right one: aiagentindex.mit.edu/data/2025-AI...
Thanks to collaborators. I have been astonished by the talent, skill, and leadership from Leon Staufer on the project. Thanks also to:
@kjfeng.me
Kevin Wei
Luke Bailey
Yawen Duan
Mick Yang
Pinar Ozisik
Noam Kolt
Finally, only 6/30 agents explicitly state that they respect robots.txt! However, agents designed to execute tasks on behalf of users often ignore standard protocols. One agent was even explicitly marketed as bypassing anti-bot systems by browsing βlike a humanβ!
Key findings on agent deployment, model dependency, autonomy levels, and lack of standards in development across regions.
Some other notable findings:
Most agents are from companies incorporated in the US. We also noticed that Chinese companies except Z.ai do not currently consistently publish *public* safety frameworks.
After analysis of public info and correspondence with developers, we found no information for 198 of 1350 fields in the index. But safety is disproportionately neglected. Exactly half (99) of these missing fields of info are related to safety.
Graph showing the increase in new search terms, yearly paper count, and agent releases from 2020 to 2026, highlighting rapid growth.
SOTA agent interest, papers, and products are all accelerating.
Flowchart detailing criteria for including candidate agent systems, focusing on agency, impact, and practicality.
How do we determine which agents to include? We require ALL of 4 agency criteria, ANY of 3 impact criteria, and ALL of 3 practicality criteria. See the paper for more details.
The 2025 AIAI compiles A total of 1350 fields of information across 30 SOTA agents.
Website: aiagentindex.mit.edu/
Paper: aiagentindex.mit.edu/data/2025%2...
Data: doi.org/10.5281/zen...
Led by Leon Staufer
π¨The 2025 AI Agent Index is out! π¨
Amidst recent buzz over π¦ and NIST's new agent initiative, we find:
- Selective reporting β esp. on safety
- Almost all agents backend just 3 model families
- Many agents donβt ID themselves as bots online
- Big US/China gaps
- And moreβ¦
The International AI Safety Report is now available in all 6 official UN languages. π
internationalaisafetyreport.org/publication...
Overall, I think the biggest challenge with a project like this would simply be obtaining ethically sourced data.
One could validate this kind of measure by studying its relationship across models from the wild that are likely to specialize in content of older vs. younger people. For example, one could test on a few dozen models from CivitAI that, for example, contain "milf" vs "teen" in their names.
I also think it would probably be a good proxy for understanding how much a model specializes in creating illegal content of children.
A fairly straightforward method could be to use a model's loss diff between a dataset of NSFW content with older adults (e.g., in their 30s) and very young adults (e.g., 18-20). If these datasets were collected accurately and legally, this would be legal to assess.
...how can we legally and ethically estimate the degree to which an AI image or video model may specialize in CSAM? Right now, this challenge is hugely relevant to governments and model distribution platforms.
A project idea that you can feel free to scoop me on -- I'm not working on this (yet?).
Lately, when I have talked with AI governance people about non-consensual AI deepfakes and CSAM, the conversation almost always touches on a particular open problem...
Huge congrats to Joe Kwon and GovAI for this paper! Joe is a great writer, and I learned a ton working with him on this.
By understanding the common challenges emerging across different jurisdictions, we hope that policy choices around internally deployed AI systems can be made deliberately rather than incidentally.
The good news: despite fundamental difficulties, there are approaches that regulators can take to reduce gaps and ambiguity. And it probably won't require regulatory reinvention.
3. Information asymmetries that subvert regulatory awareness and oversight.
Under current frameworks, it can be difficult to know if laws apply to internal uses, let alone if violations have occurred.
2. Point-in-time compliance assessments that fail to capture the continuous evolution of internal systems
Internal systems can evolve continuously without being restricted to regular, announced update cycles.
