Anthropic · Claude Sonnet 5 System Card · View original document ↗

Residual Safety Risks and Jailbreak Acknowledgment

Medium severity High confidence Explicitdocumentlanguage Unique · 0 of 352 platforms
Share 𝕏 Share in Share 🔒 PDF
Recent governance activity Anthropic recorded 2 documented changes in the last 30 days.
Start monitoring updates
Monitor governance changes for Anthropic Create a free account to receive the weekly governance digest and monitor one platform for governance changes.
Create free account No credit card required.
Document Record

What it is

The document discloses that Claude Sonnet 4.5 retains residual safety risks, including susceptibility to adversarial prompting and jailbreak techniques, and that the hardcoded and softcoded safety behaviors may not be fully reliable in all adversarial contexts.

This analysis describes what Anthropic's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

This provision is a material disclosure of known limitations in the model's safety architecture, which is operationally significant for any operator making safety representations to their own users based on Claude's designed refusal behaviors.

Consumer impact (what this means for users)

Under this disclosure, users and operators should be aware that Claude Sonnet 4.5's safety behaviors, while structurally designed, are not claimed to be fully robust against all adversarial prompting techniques, and residual risk of safety behavior circumvention exists.

Cross-platform context

See how other platforms handle Residual Safety Risks and Jailbreak Acknowledgment and similar clauses.

Compare across platforms →

Monitoring

Anthropic has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Get Monitor Or create a free account →
▸ View Original Clause Language DOCUMENT RECORD
"
We recognize that Claude is not perfect, and there are cases where Claude may be manipulated through adversarial prompting techniques to behave in ways that are inconsistent with its training and values.

— Excerpt from Anthropic's Claude Sonnet 5 System Card

ConductAtlas Analysis

Institutional analysis (Compliance & governance intelligence)

1. REGULATORY LANDSCAPE: This provision engages with FTC guidance on substantiated safety claims and the EU AI Act's requirements for accuracy and robustness disclosures for general-purpose AI models. Where operators represent to their users that Claude categorically refuses certain content, the accuracy of that representation depends on the reliability of the hardcoded behaviors, which this provision qualifies. 2. GOVERNANCE EXPOSURE: High for operators who market their products on the basis of Claude's content safety. The disclosure that adversarial prompting may circumvent safety behaviors creates potential FTC exposure if operator-facing or consumer-facing safety representations overstate the model's actual reliability. Operators should review their marketing materials and user-facing disclosures for accuracy relative to this acknowledged limitation. 3. JURISDICTION FLAGS: EU operators subject to the EU AI Act's transparency and accuracy requirements should assess whether this residual risk disclosure affects their product conformity documentation. California operators should assess whether this disclosure triggers any obligation under California's AI transparency or consumer protection statutes. 4. CONTRACT AND VENDOR IMPLICATIONS: Operators should assess whether their commercial agreements with Anthropic adequately allocate liability for harms resulting from adversarial prompting that circumvents hardcoded safety behaviors. Standard API terms may not provide indemnification for such scenarios, and operators may face direct liability for harms to their own users. 5. COMPLIANCE CONSIDERATIONS: Compliance teams should review all user-facing and marketing representations about Claude's safety capabilities and assess whether they are consistent with this disclosed limitation. Organizations should establish incident response procedures for cases where adversarial prompting results in safety behavior failures in their deployments.

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Track 3 platforms — free Get Monitor

Free: track 3 platforms + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.

Applicable agencies

  • FTC
    The FTC's prohibition on unfair or deceptive practices is relevant where operator safety representations to consumers overstate the reliability of Claude's safety behaviors relative to Anthropic's own disclosed limitations.
    File a complaint →

Provision details

Document information
Document
Claude Sonnet 5 System Card
Entity
Anthropic
Document last updated
July 6, 2026
Tracking information
First tracked
July 6, 2026
Last verified
July 6, 2026
Record ID
CA-P-013379
Document ID
CA-D-00921
Evidence Provenance
Source URL
Wayback Machine
Content hash (SHA-256)
cdf033accb28f24cdba717a62a97f374bbf1637875644a05d1e43ef6c3f7fa1a
Analysis generated
July 6, 2026 21:57 UTC
Methodology
Evidence
✓ Snapshot stored   ✓ Hash verified
Citation Record
Entity: Anthropic
Document: Claude Sonnet 5 System Card
Record ID: CA-P-013379
Captured: 2026-07-06 21:57:58 UTC
SHA-256: cdf033accb28f24c…
URL: https://conductatlas.com/platform/anthropic/claude-sonnet-5-system-card/residual-safety-risks-and-jailbreak-acknowledgment/
Accessed: July 7, 2026
Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.
Classification
Severity
Medium
Categories

Other risks in this policy

Compliance Governance Intelligence

Need to monitor specific governance provisions?

Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies
Get Compliance

Or start with Monitor →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Anthropic's Residual Safety Risks and Jailbreak Acknowledgment clause do?

This provision is a material disclosure of known limitations in the model's safety architecture, which is operationally significant for any operator making safety representations to their own users based on Claude's designed refusal behaviors.

How does this clause affect you?

Under this disclosure, users and operators should be aware that Claude Sonnet 4.5's safety behaviors, while structurally designed, are not claimed to be fully robust against all adversarial prompting techniques, and residual risk of safety behavior circumvention exists.

Is ConductAtlas affiliated with Anthropic?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Anthropic.