RSS

What's in America's Code?

ironyman1 pts0 comments

What's In America's Code?

Skip to main navigation

CYBER RESEARCH REPORT

What’s In America’s Code?

Sorry, your browser doesn't support embedded videos.

There are major risks with allowing Chinese LLMs to code for U.S. applications

The first link in the software supply chain is no longer the code. It’s the AI models behind it. As U.S. developers increasingly rely on AI to generate, debug, and secure code, we must confront a fundamental question: can the AI models writing and powering our nation’s code be trusted?

To find out, we put LLMs to the test. In May 2026, Booz Allen used its AI-native test platform to evaluate five frontier AI models head-to-head: four Chinese models commonly used by U.S. developers and one American model. We explored three main questions:

Do Chinese models generate more vulnerable code based on who is asking?

Do Chinese models refuse to engage with political topics that are sensitive in China?

Does the model’s country of origin affect code quality and content behavior?

Sorry, your browser doesn't support embedded videos.

In short: yes, on all counts. Our testing revealed two core findings:

1. Chinese LLMs produce more vulnerable code when prompted with a U.S. government persona than without—and the vulnerabilities are highly obfuscated.

2. Chinese LLMs inject PRC-aligned political bias into both the answers and code they generate.

The threat is not an obvious backdoor in the code. In fact, we do not have proof at this point that code flaws are intentionally introduced. Still, Chinese models produced less secure code in general, and the vulnerabilities increased when the user appeared to be from the U.S. government. Further, Chinese models refused tasks Beijing deems politically sensitive. The potential for such code to become embedded in delivered systems is especially concerning because it could enable threat actors to bypass AI security guardrails and create downstream risks of dangerous inference behaviors. Traditional tools and benchmarks lack the sophistication required to catch this level of tradecraft.

The adoption of Chinese AI models in America’s software supply chain is accelerating, driven primarily by relatively lower costs than their American counterparts. Once fully adopted by software developers and embedded into delivered systems, the code they produce will be untraceable and unmitigable. Code “built in America by Americans” could include these vulnerabilities and find its way into networks and equipment that support all aspects of our economy—from critical infrastructure to national security. The time to act is now.

Sorry, your browser doesn't support embedded videos.

Based on the findings detailed in this report, Booz Allen recommends the following actions:

1. Ban Use of Untrusted AI Models for U.S. Government and Critical Infrastructure

AI models that cannot be proven trustworthy and reliable cannot be deployed into our nation’s software supply chain, critical infrastructure, and national security environment. The Chinese models that we tested failed to demonstrate trustworthy behaviors and should be banned.

2. Invest To Make Trusted American AI Models the Global Default

To drive adoption, American AI companies must collaborate with the U.S. government to ensure American models are both commercially compelling and economically viable. There is a clear gap on the lower-end of the market—models that can win not just in their accuracy but also compete in terms of cost per token.

Read our full report

Learn more about our findings in the full report: What's in America's Code? There are major risks with allowing Chinese LLMs to code for U.S. applications.

Download the Report

Sorry, your browser doesn't support embedded videos.

Related Insights

Capabilities

Cybersecurity

Cybersecurity

The AI adversary is here. Speed is deterrence. Learn how to close the cybersecurity speed gap.<br>Read More

Capabilities

Report

Threat Report: When Cyberattacks Happen at AI Speed

Threat Report: When Cyberattacks Happen at AI Speed

AI is accelerating cyberattacks. Learn how to close the cybersecurity speed gap.<br>Read More

Report

Publication

Closing the Cybersecurity Speed Gap

Closing the Cybersecurity Speed Gap

Download a new POV detailing how to thwart AI-driven cyberattacks.<br>Read More

Publication

Publication

Putting America's Cyber Strategy Into Action

Putting America's Cyber Strategy Into Action

Read a new paper on modernizing America’s cyber strategy.<br>Read More

Publication

1 - 4 of

Sorry, your browser doesn't support embedded videos.

Tags

Cybersecurity

Cyber Strategy

Artificial Intelligence

Defense

Technology

Top

Linkedin

Twitter

© 2026 Booz Allen Hamilton Inc. All Rights Reserved.

code models chinese america report embedded

Related Articles

Claude Fable 5

Philpax30 ptsfable claude mythos model models capabilities

US Government directive to suspend access to Fable 5 and Mythos 5

Dylan131224 ptsfable government anthropic jailbreak access mythos

Is AI ruining our skills? Early results are in – and they're not good

Michelangelo1124 ptstools skills during physicians colonoscopies tool

The Anatomy of an AI-Native Org

kiyanwang22 ptstranslated managers business translation language engineering

Apertus – Open Foundation Model for Sovereign AI

T-A16 ptsopen model apertus foundation sovereign fully
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.