Meta · Llama 4 Model Card · View original document ↗

Red Teaming and Critical Risk Evaluation

Low severity High confidence Explicitdocumentlanguage Unique · 0 of 352 platforms
Share 𝕏 Share in Share 🔒 PDF
Recent governance activity Meta recorded 10 documented changes in the last 30 days.
Start monitoring updates
Monitor governance changes for Meta Create a free account to receive the weekly governance digest and monitor one platform for governance changes.
Create free account No credit card required.
Document Record

What it is

The card discloses that Meta conducted recurring red teaming exercises and targeted evaluations across three critical risk categories, CBRNE, child safety, and cyber attack enablement, and describes the methodology and scope of those evaluations.

This analysis describes what Meta's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

This provision documents the scope and methodology of Meta's pre-release safety evaluation for Llama 4, providing institutional deployers with a basis for assessing the categories of risk that were formally evaluated prior to release and those that were not.

Consumer impact (what this means for users)

The document states that safety evaluations covered CBRNE-related prompts, child safety outputs, and cyberattack enablement capabilities, and that these evaluations informed safety fine-tuning. The card also notes that testing could not cover all scenarios and that developers should conduct additional testing for their specific applications.

Cross-platform context

See how other platforms handle Red Teaming and Critical Risk Evaluation and similar clauses.

Compare across platforms →

Monitoring

Meta has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Get Monitor Or create a free account →
▸ View Original Clause Language DOCUMENT RECORD
"
We conduct recurring red teaming exercises with the goal of discovering risks via adversarial prompting and we use the learnings to improve our benchmarks and safety tuning datasets. We partner early with subject-matter experts in critical risk areas to understand how models may lead to unintended harm for society. We spend additional focus on the following critical risk areas: CBRNE (Chemical, Biological, Radiological, Nuclear, and Explosive materials) helpfulness... Child Safety... Cyber attack enablement.

— Excerpt from Meta's Llama 4 Model Card

ConductAtlas Analysis

Institutional analysis (Compliance & governance intelligence)

(1) REGULATORY LANDSCAPE: The disclosure of CBRNE and child safety evaluations engages potential obligations under the EU AI Act for transparency about safety testing methodologies for general-purpose AI models. Child safety evaluations may be relevant to COPPA compliance considerations for developers deploying Llama 4 in contexts accessible to minors. Cybersecurity-related capabilities may engage sector-specific regulations for financial services and critical infrastructure operators. (2) GOVERNANCE EXPOSURE: Low to Medium. The documented evaluation methodology provides deploying organizations with reference material for their own risk assessments, but the card explicitly acknowledges that evaluations could not cover all scenarios, limiting the assurance value of these disclosures for specific deployment contexts. (3) JURISDICTION FLAGS: Organizations deploying Llama 4 in contexts accessible to minors face heightened obligations under COPPA in the US and equivalent provisions in other jurisdictions. Critical infrastructure operators should assess cyber risk disclosures against sector-specific regulatory requirements. (4) CONTRACT AND VENDOR IMPLICATIONS: Organizations in regulated industries should assess whether the documented red teaming scope is sufficient for their regulatory context or whether additional evaluation is required before deployment. Vendor assessments should document which categories of risk were evaluated by Meta and which require independent assessment. (5) COMPLIANCE CONSIDERATIONS: Compliance teams in financial services, healthcare, and critical infrastructure should conduct supplementary risk assessments beyond the categories covered in this model card. Organizations deploying in contexts accessible to minors should implement additional child safety controls and document their basis for doing so.

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Track 3 platforms — free Get Monitor

Free: track 3 platforms + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.

Applicable agencies

  • FTC
    The FTC has authority over representations about AI safety practices and may assess whether disclosed safety evaluation methodologies are adequate relative to claims made about model safety.
    File a complaint →

Provision details

Document information
Document
Llama 4 Model Card
Entity
Meta
Document last updated
July 6, 2026
Tracking information
First tracked
July 6, 2026
Last verified
July 6, 2026
Record ID
CA-P-013386
Document ID
CA-D-00922
Evidence Provenance
Source URL
Wayback Machine
Content hash (SHA-256)
a1739083c8a496ca0c121d90b98659a6aa7e36fcc0092581db35ef99736d104f
Analysis generated
July 6, 2026 22:02 UTC
Methodology
Evidence
✓ Snapshot stored   ✓ Hash verified
Citation Record
Entity: Meta
Document: Llama 4 Model Card
Record ID: CA-P-013386
Captured: 2026-07-06 22:02:11 UTC
SHA-256: a1739083c8a496ca…
URL: https://conductatlas.com/platform/meta/llama-4-model-card/red-teaming-and-critical-risk-evaluation/
Accessed: July 7, 2026
Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.
Classification
Severity
Low
Categories

Other risks in this policy

Compliance Governance Intelligence

Need to monitor specific governance provisions?

Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies
Get Compliance

Or start with Monitor →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Meta's Red Teaming and Critical Risk Evaluation clause do?

This provision documents the scope and methodology of Meta's pre-release safety evaluation for Llama 4, providing institutional deployers with a basis for assessing the categories of risk that were formally evaluated prior to release and those that were not.

How does this clause affect you?

The document states that safety evaluations covered CBRNE-related prompts, child safety outputs, and cyberattack enablement capabilities, and that these evaluations informed safety fine-tuning. The card also notes that testing could not cover all scenarios and that developers should conduct additional testing for their specific applications.

Is ConductAtlas affiliated with Meta?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Meta.