The model card lists categories of use that Mistral AI prohibits, including generation of malicious code, disinformation, content facilitating violence or exploitation of minors, and weapons development; these restrictions apply to use of the model via API and, through the usage policy referenced, to open-weights deployments.
This analysis describes what Mistral AI's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision establishes the outer boundary of permitted use for Mistral Medium 3.5 and, by referencing mistral.ai/terms, incorporates a broader usage policy framework that deployers are contractually bound to observe when accessing the model via Mistral AI's API.
The agreement prohibits specific high-risk use cases including malicious code generation, disinformation, and CSAM; end users of applications built on this model are subject to these restrictions as enforced by their immediate deployer, whose own obligations to Mistral AI flow from the usage policy referenced in the card.
Cross-platform context
See how other platforms handle Prohibited Use Categories and similar clauses.
Compare across platforms →Monitoring
Mistral AI has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Mistral AI strictly prohibits the use of its models and products for: [...] generation of malicious code, [...] generation of disinformation, [...] content that facilitates violence or the exploitation of minors, [...] use in the development of weapons.— Excerpt from Mistral AI's Mistral Medium 3.5 Model Card
1. REGULATORY LANDSCAPE: The prohibited use categories directly engage multiple regulatory frameworks: CSAM prohibitions interact with laws including 18 U.S.C. 2256 in the US and equivalent national laws in EU member states; disinformation restrictions may interact with the EU Digital Services Act for deployers operating as online platforms; weapons development restrictions may engage export control regulations including EAR and ITAR in the US context. The FTC may evaluate whether safety representations in the model card align with actual model behavior under its unfair or deceptive practices authority. 2. GOVERNANCE EXPOSURE: High. The open-weights distribution structure means that while Mistral AI asserts these prohibitions, technical enforcement depends on the deployer's own controls rather than platform-level restrictions. Organizations that deploy the model in contexts that could inadvertently facilitate prohibited uses bear primary enforcement risk. 3. JURISDICTION FLAGS: EU deployers face obligations under the EU AI Act's prohibited AI practices provisions, which overlap substantially with the categories listed here. US-based deployers in defense, intelligence, or cybersecurity sectors should assess whether their use cases interact with the weapons development or malicious code prohibitions. CSAM prohibitions carry criminal liability exposure in virtually all operating jurisdictions. 4. CONTRACT AND VENDOR IMPLICATIONS: B2B deployers who sublicense model access to third parties should include pass-through prohibited use provisions in their own terms of service to maintain compliance with Mistral AI's usage policy. Vendor assessments should confirm that downstream customers are bound by equivalent use restrictions. 5. COMPLIANCE CONSIDERATIONS: Deploying organizations should implement use-case intake procedures that screen for prohibited categories, establish incident response protocols for detected prohibited use, and document how their safety controls address each prohibited category listed in the model card. Legal teams should confirm that the prohibited use list in the referenced mistral.ai/terms is consistent with and no narrower than the categories disclosed in this card.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 3 platforms + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision establishes the outer boundary of permitted use for Mistral Medium 3.5 and, by referencing mistral.ai/terms, incorporates a broader usage policy framework that deployers are contractually bound to observe when accessing the model via Mistral AI's API.
The agreement prohibits specific high-risk use cases including malicious code generation, disinformation, and CSAM; end users of applications built on this model are subject to these restrictions as enforced by their immediate deployer, whose own obligations to Mistral AI flow from the usage policy referenced in the card.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Mistral AI.