cd /news/ai-safety/proposal-the-glasswing-standard · home topics ai-safety article
[ARTICLE · art-60585] src=lesswrong.com ↗ pub= topic=ai-safety verified=true sentiment=· neutral

Proposal: The Glasswing Standard

A proposal called the Glasswing Standard suggests expanding Anthropic's Project Glasswing early-access program to include multiple labs and government agencies, with regular safety reports and prediction markets, to build transparency and track records for AI release decisions without slowing frontier development.

read5 min views1 publishedJul 15, 2026

Thinking about "Plan A" makes me want to make concrete proposals towards those goals. I think Anthropic's "Project Glasswing" provides a clear and easily implemented first-step policy towards AI safety. With a few small tweaks, I think we can build a release process that is robust against today's mundane threats, while also building transparency and track records to guide future policy decisions. I think this policy can also strike a favorable balance of interests between the labs, government, and public safety.

This program has already paid off - we knew in advance that access to Mythos led to a concrete, graphable spike in cyber-security capabilities. That helped build broader awareness of the mundane dangers presented by current frontier models, without anything hitting the fan. This sort of "early access" program provides solid value for a relatively small amount of effort, since most of the pieces are already in place.

I think the best place to start is with transparency, not control.

Get the major labs and the government to agree on a standardized group that has early access to new models. Project Glasswing already provides a decent starting point, if perhaps biased towards Anthropic's interests. Have each of these organizations issue a regular report, indicating whether they think the model is safe yet. Prediction markets can have fun using these reports to try and extrapolate a release date, as more and more organizations begin to sign off on the model.

Each organization has its own discretion on where it focuses its efforts, and what constitutes "safe". Early access users are purely advisory - they have neither authority nor liability. But each report builds up a public track record. That helps us identify each organization's unique forecasting strengths and weaknesses, and then labs (and future regulators) can weigh those reports as they see fit.

Initially, labs might retain full veto control, as governments build their own formal approval processes. We can flexibly tighten or loosen oversight based on how capabilities evolve. Organizations like the CIA and NSA might do their own private evaluations. We could require a super-majority of early-access users to approve releases. Alternately, we could formalize how well systems resist "red team" efforts using the same models. Eventually bug reports drop back down to a trickle. Eventually we stop finding dangerous capabilities. And if we don't hit that "eventually", it's lucky for us that the public never got access.

I think it matters a lot what incentives go behind a veto, which is why I emphasize advisors and transparency at this stage. Initially, we want stewards who have a vested interest in both the economic and security side of the equation. Otherwise, a lot of powerful stakeholders have an incentive to oppose all of this. The Government naturally wants to see the economy flourish, and has practice balancing that against security concerns. The labs want to preserve their reputation and not invite stricter scrutiny, but also directly profit from releasing new models.

As capabilities grow more dangerous, it makes sense to invoke more security-minded stewards. That's outside the scope of this proposal, but probably an important follow-up. We should work to establish credible thresholds on when to tighten our safeguards. As evidence for dangerous capabilities accumulates, the political cost of opposing safety rises. Hopefully, by the time more extreme actions are necessary, there's also a clearer public consensus on the necessity of such actions. "Raising the sanity waterline" on the threat of ASI will also be an important part of this effort.

Right now, I'm treating it as a positive that this doesn't slow down frontier development. The major labs merely face a small speed-bump to release, and that speed-bump provides an extra incentive to ensure models have robust safeguards in place. They have very little reason to oppose either phase of this, and I think public opposition to such mild measures would cost them valuable political capital. Anthropic is already voluntarily doing most of this, and I hope other labs would have done similar in the same position.

I want to be clear: The risk factors explicitly addressed here are all mundane harms from a dangerous LLM, not stopping ASI.

But, as risks evolve, it lets us leverage a well-established information ecosystem, and starts to build political momentum towards stronger regulations.

In short, this is the foundation, in case we need "Plan A", while also trying to build a coalition with those whose concerns are more mundane, or who are worried about the economic impacts of more extreme actions.

If you accept that action is urgent, then I think it follows that it's important to have a concrete proposal that is tailored to the current political and mainstream levels of awareness. "ASI" still sounds like exotic science fiction, which forces us to start small and focus more on "if" branches than "when". Right now we desperately need action that can meet skeptics halfway. I'm expecting the singularity, but most people aren't. That's why I emphasize how this addresses a lot of other concerns, and de-emphasize how this is a foundation for everything else.

I'd also like to throw my support behind Plan A's policy of tracking and verifying compute. Having a proven technology in place would also be an advantage in negotiating international verification protocols. Plus, even while we're just tracking and verifying internally, that helps keep frontier labs honest.

That said, I don't think I'm the ideal person to write that proposal - I'd just be editing down the concepts in "Plan A". I would love to see someone more familiar with the technical details work up a complementary proposal, with the same focus on mainstream appeal and building political momentum.

── more in #ai-safety 4 stories · sorted by recency
── more on @anthropic 3 stories trending now
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main
Live at https://your-agent.zahid.host
Get free account → Pricing
from €0/mo · no card required
LIVE [news/proposal-the-glasswi…] indexed:0 read:5min 2026-07-15 ·