NIST Now Tests AI Models Before Launch: Google, Microsoft, xAI Sign On

Every major frontier AI lab in the United States has now agreed to let the federal government test their AI models before public release. Google DeepMind, Microsoft, and xAI formalized agreements with NIST (the National Institute of Standards and Technology) in early May 2026 — joining OpenAI and Anthropic, which had existing testing partnerships. The result is the most comprehensive AI pre-release oversight regime the US government has ever established.

What Is CAISI and Why Does It Matter

The U.S. Department of Commerce's Center for AI Standards and Innovation (CAISI), part of NIST, is the agency running these evaluations. CAISI was created to assess AI systems for national security and cybersecurity risks before they reach the public — essentially a safety inspection program for powerful AI models.

The program has been in development for years, but the new agreements with Google DeepMind, Microsoft, and xAI mark a watershed moment. For the first time, virtually every significant frontier AI model developed in the US will go through federal evaluation before launch. CAISI has already completed more than 40 evaluations of unreleased models as of May 2026.

These aren't superficial checks. Evaluations involve red-team testing (where security researchers try to break the model), adversarial input testing, supply chain risk analysis, and security verification protocols. Some assessments happen in classified environments for national security use cases.

What the Agreements Require

Under the new agreements, AI developers provide NIST staff and interagency experts with early access to unreleased models through the TRAINS Taskforce (Trusted, Responsible AI for National Security). The labs agree to a structured review window before public launch — the exact timelines haven't been made public, but sources suggest 30-60 days is the typical evaluation period.

The agreements are described as voluntary, but that characterization requires some nuance. The Trump administration's AI Action Plan, released earlier in 2026, made cooperation with CAISI a priority signal for AI companies that want favorable regulatory treatment and federal contracts. For companies like Microsoft and Google that do billions in government business annually, "voluntary" participation is effectively mandatory.

OpenAI and Anthropic both renegotiated their existing partnerships with CAISI in 2026 to align with the new priorities of the AI Action Plan, which places greater emphasis on national security and cybersecurity evaluation.

What This Means for AI Development

The practical impact on AI timelines is significant. Models that previously might have gone from internal testing to public launch in a matter of weeks now have a minimum evaluation window baked into the release cycle. For developers planning product roadmaps around new model capabilities, that's a meaningful constraint.

There's also a question of what happens when CAISI finds something concerning. The program's enforcement mechanisms remain opaque — the agreements are voluntary, so there's no formal authority to block a release. But the political and reputational consequences of launching a model after CAISI flagged serious issues would be substantial.

For cybersecurity specifically, OpenAI's GPT-5.5-Cyber — a fine-tuned variant designed for defensive security workflows — was recently extended to vetted EU partners, showing how models can be released in restricted, evaluated form before broader public availability.

The International Dimension

The US pre-release testing framework is notable partly because of what it excludes: Chinese AI labs. Alibaba's Qwen series, DeepSeek, and Baidu's Ernie models aren't subject to CAISI review. As frontier AI capabilities proliferate globally, a testing regime that only covers US labs offers limited assurance about the overall risk landscape.

The UK's AI Safety Institute (AISI) has a parallel pre-release testing program that covers some of the same models, and there are informal coordination channels between US and UK evaluators. The EU AI Act also includes testing requirements, but its enforcement mechanisms are still being developed. An internationally coordinated framework remains a long-term goal rather than a near-term reality.

Industry Reactions

AI labs have been publicly supportive of the CAISI program — not entirely surprising given the "voluntary" framing and the regulatory benefits of participation. What's more notable is what the agreements reveal about where the labs think the real risks are. The emphasis on cybersecurity and national security evaluation, rather than bias or societal harm, reflects both the Trump administration's priorities and the labs' own concerns about model misuse by state actors.

Some AI safety researchers have argued that CAISI's focus on security risks underemphasizes evaluation for broader societal harms like misinformation generation or economic disruption. NIST has indicated it aims to expand the evaluation scope over time, with cybersecurity guidelines expected by summer 2026.

The Bottom Line

The expansion of pre-release AI model testing to every major US frontier lab is a genuine milestone in AI governance. It means that for the first time, there's a systematic process — however imperfect — for catching dangerous model capabilities before they reach billions of users. Whether CAISI evaluations will actually catch the most serious risks, and whether labs will meaningfully act on findings they'd prefer not to address, remains to be seen. But the structure now exists, and that matters.