The card discloses that Meta conducted recurring red teaming exercises and targeted evaluations across three critical risk categories, CBRNE, child safety, and cyber attack enablement, and describes the methodology and scope of those evaluations.
This analysis describes what Meta's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision documents the scope and methodology of Meta's pre-release safety evaluation for Llama 4, providing institutional deployers with a basis for assessing the categories of risk that were formally evaluated prior to release and those that were not.
The document states that safety evaluations covered CBRNE-related prompts, child safety outputs, and cyberattack enablement capabilities, and that these evaluations informed safety fine-tuning. The card also notes that testing could not cover all scenarios and that developers should conduct additional testing for their specific applications.
Cross-platform context
See how other platforms handle Red Teaming and Critical Risk Evaluation and similar clauses.
Compare across platforms →Monitoring
Meta has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We conduct recurring red teaming exercises with the goal of discovering risks via adversarial prompting and we use the learnings to improve our benchmarks and safety tuning datasets. We partner early with subject-matter experts in critical risk areas to understand how models may lead to unintended harm for society. We spend additional focus on the following critical risk areas: CBRNE (Chemical, Biological, Radiological, Nuclear, and Explosive materials) helpfulness... Child Safety... Cyber attack enablement.— Excerpt from Meta's Llama 4 Model Card
(1) REGULATORY LANDSCAPE: The disclosure of CBRNE and child safety evaluations engages potential obligations under the EU AI Act for transparency about safety testing methodologies for general-purpose AI models. Child safety evaluations may be relevant to COPPA compliance considerations for developers deploying Llama 4 in contexts accessible to minors. Cybersecurity-related capabilities may engage sector-specific regulations for financial services and critical infrastructure operators. (2) GOVERNANCE EXPOSURE: Low to Medium. The documented evaluation methodology provides deploying organizations with reference material for their own risk assessments, but the card explicitly acknowledges that evaluations could not cover all scenarios, limiting the assurance value of these disclosures for specific deployment contexts. (3) JURISDICTION FLAGS: Organizations deploying Llama 4 in contexts accessible to minors face heightened obligations under COPPA in the US and equivalent provisions in other jurisdictions. Critical infrastructure operators should assess cyber risk disclosures against sector-specific regulatory requirements. (4) CONTRACT AND VENDOR IMPLICATIONS: Organizations in regulated industries should assess whether the documented red teaming scope is sufficient for their regulatory context or whether additional evaluation is required before deployment. Vendor assessments should document which categories of risk were evaluated by Meta and which require independent assessment. (5) COMPLIANCE CONSIDERATIONS: Compliance teams in financial services, healthcare, and critical infrastructure should conduct supplementary risk assessments beyond the categories covered in this model card. Organizations deploying in contexts accessible to minors should implement additional child safety controls and document their basis for doing so.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 3 platforms + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision documents the scope and methodology of Meta's pre-release safety evaluation for Llama 4, providing institutional deployers with a basis for assessing the categories of risk that were formally evaluated prior to release and those that were not.
The document states that safety evaluations covered CBRNE-related prompts, child safety outputs, and cyberattack enablement capabilities, and that these evaluations informed safety fine-tuning. The card also notes that testing could not cover all scenarios and that developers should conduct additional testing for their specific applications.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Meta.