An artificial intelligence company has released an updated version of its safety protocols, introducing new measures to address risks from advanced AI, including harmful manipulation and model misalignment. The third iteration of the Frontier Safety Framework (FSF), published on September 22, 2025, aims to create a more robust system for identifying and mitigating severe risks associated with increasingly powerful AI systems.
The revised framework incorporates lessons from previous versions and collaborations with experts from industry, academia, and government. It focuses on creating specific thresholds to trigger safety reviews before AI models are deployed internally or externally.
Key Takeaways
- A new risk category for "harmful manipulation" has been added to address AI's potential to systematically alter human beliefs and behaviors.
- The framework expands its approach to "misalignment risks," where an AI might resist operator control or accelerate AI development to unstable levels.
- The company has refined its risk assessment process, sharpening definitions for when an AI's capabilities require heightened safety measures.
- Safety case reviews, previously required for external launches, are now extended to large-scale internal deployments of advanced AI models.
New Focus on Harmful Manipulation
A significant addition to the updated framework is a new risk domain focused on harmful manipulation. This measure is designed to identify AI models that develop powerful persuasive capabilities. The company defines this as the ability to systematically and substantially change beliefs and behaviors in high-stakes situations.
The protocols establish a specific threshold, known as a Critical Capability Level (CCL), for this risk. When a model's capabilities reach this level, it triggers a mandatory and rigorous safety review. The concern is that a highly manipulative AI could be misused to cause harm on a large scale by influencing public opinion, individual actions, or societal norms.
According to the publication, this new category is based on internal research aimed at understanding the mechanisms behind manipulation in generative AI. The company stated its intention to continue investing in this area to better measure and counter these emerging risks.
What Are Critical Capability Levels?
Critical Capability Levels (CCLs) are predefined thresholds within the Frontier Safety Framework. They represent a point at which an AI model's abilities, without proper safety measures, could pose a severe risk of harm. Reaching a CCL does not mean a model is inherently dangerous, but it does mandate a formal safety review to ensure risks are reduced to manageable levels before further development or deployment.
Addressing Advanced Misalignment Scenarios
The framework also expands its approach to managing "misalignment risks." This term refers to potential future scenarios where an advanced AI model's objectives diverge from human intentions, possibly leading it to interfere with an operator's ability to direct, modify, or shut down its operations.
The previous version of the framework included an exploratory approach to this problem. The new update introduces more concrete protocols for models that show the potential to accelerate AI research and development. The concern is that an AI capable of rapidly improving itself or other AI systems could lead to a destabilizing technological leap without adequate safety oversight.
To address this, the company is expanding its safety case review process. Previously, these in-depth reviews were primarily conducted before an external product launch. Now, they will also be required for large-scale internal deployments of models that reach certain advanced machine learning CCLs.
"In addition to the misuse risks arising from these capabilities, there are also misalignment risks stemming from a model’s potential for undirected action at these capability levels," the company noted in its official publication, highlighting the dual nature of the threat.
This change acknowledges that even internal use of highly capable AI systems can pose significant risks if not properly managed. The safety reviews involve detailed analyses to demonstrate that potential harms have been mitigated to an acceptable level.
Refining the Risk Assessment Process
The third major update involves sharpening the overall risk assessment process. The framework is designed to apply safety measures in proportion to the severity of the potential risk. To achieve this, the definitions for Critical Capability Levels have been made more specific to better identify threats that require the most stringent governance.
The company clarified that safety and security mitigations are applied continuously throughout the model development lifecycle, not just when a CCL threshold is crossed. These thresholds serve as critical checkpoints for formal review rather than the starting point for safety considerations.
The Assessment Process
The holistic risk assessment process described in the framework includes several key stages:
- Systematic Risk Identification: Proactively searching for potential new dangers as AI capabilities evolve.
- Comprehensive Capability Analysis: Thoroughly testing and evaluating what a model can and cannot do.
- Explicit Risk Acceptability Determination: Making a formal decision on whether the identified risks have been sufficiently managed to proceed.
This structured approach is intended to provide a clear, evidence-based path for making decisions about the development and deployment of frontier AI models. It moves away from subjective assessments toward a more systematic and measurable evaluation of risk.
A Commitment to Evolving Safety Standards
The publication of the updated Frontier Safety Framework underscores the ongoing effort within the AI industry to balance rapid technological advancement with robust safety protocols. The company positions the framework as a scientific and evidence-based tool for tracking and anticipating AI risks on the path toward artificial general intelligence (AGI).
The authors, Four Flynn, Helen King, and Anca Dragan, emphasized that the framework is not static. It is designed to evolve based on new research findings, input from external stakeholders, and practical lessons learned during its implementation.
By publicly sharing its safety methodology, the company aims to contribute to a collective, industry-wide effort to ensure that transformative AI technologies are developed responsibly. This collaborative approach is seen as essential for building public trust and establishing effective safety norms across the field.
The document concludes by stating that achieving beneficial AGI requires not only technical breakthroughs but also strong frameworks to manage risks along the way. The updated FSF represents the company's latest contribution to this critical, ongoing dialogue about the future of artificial intelligence.