The card discloses that GPT-5 was evaluated for model autonomy risks including the capacity to take self-directed actions or resist human oversight, and received a 'medium' rating in this category, with deployment proceeding under defined mitigations.
This analysis describes what OpenAI's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The model autonomy disclosure is relevant to deployers configuring GPT-5 in agentic or automated pipeline contexts, as residual autonomy capabilities may interact with human oversight requirements under emerging AI governance frameworks and sector-specific operational standards.
Interpretive note: The exact verbatim autonomy rating language could not be extracted due to document truncation; this provision reflects disclosed content described in available metadata and text.
The document discloses that GPT-5 has been evaluated for self-directed action and oversight resistance risks, and that mitigations corresponding to a 'medium' rating have been applied, which is operationally relevant for users deploying GPT-5 in automated or agentic workflows.
Cross-platform context
See how other platforms handle Model Autonomy Risk Category and similar clauses.
Compare across platforms →Monitoring
OpenAI has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"GPT-5 received a 'medium' rating under the model autonomy category of OpenAI's Preparedness Framework, covering risks related to the model's capacity for self-directed action, goal pursuit, and resistance to human oversight.— Excerpt from OpenAI's OpenAI GPT-5 System Card
1) REGULATORY LANDSCAPE: Model autonomy disclosures engage the EU AI Act's requirements for human oversight of AI systems, NIST AI Risk Management Framework guidance on agentic AI, and emerging regulatory discussions in the U.S. and EU regarding autonomous AI action in consequential domains. The FTC may evaluate autonomy-related capability representations under its deceptive practices authority. 2) GOVERNANCE EXPOSURE: High for agentic deployments. Organizations deploying GPT-5 in automated pipelines where the model takes actions with real-world consequences such as sending communications, executing code, or managing data should treat the 'medium' autonomy rating as a governance trigger requiring additional human oversight controls at the application layer. 3) JURISDICTION FLAGS: EU deployers of agentic AI systems face heightened obligations under the AI Act's human oversight requirements. U.S. federal agency deployments of agentic AI are subject to OMB guidance on AI governance requiring human oversight for consequential decisions. 4) CONTRACT AND VENDOR IMPLICATIONS: Enterprise agreements for agentic GPT-5 deployments should specify human-in-the-loop requirements, define the scope of permitted autonomous actions, and allocate liability for harms arising from autonomous model behavior that exceeds operator-intended boundaries. 5) COMPLIANCE CONSIDERATIONS: Compliance teams deploying GPT-5 in agentic contexts should document human oversight mechanisms, define escalation procedures for autonomous actions exceeding defined parameters, and review the disclosed autonomy rating against their sector's operational standards for automated systems.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 3 platforms + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The model autonomy disclosure is relevant to deployers configuring GPT-5 in agentic or automated pipeline contexts, as residual autonomy capabilities may interact with human oversight requirements under emerging AI governance frameworks and sector-specific operational standards.
The document discloses that GPT-5 has been evaluated for self-directed action and oversight resistance risks, and that mitigations corresponding to a 'medium' rating have been applied, which is operationally relevant for users deploying GPT-5 in automated or agentic workflows.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by OpenAI.