Anthropic’s CEO says “we are considerably closer to real danger in 2026 than we were in 2023.” Geoffrey Hinton warns that “things more intelligent than you are going to manipulate you.” The Council on Foreign Relations just published an essay calling it a “crisis of control.” The International AI Safety Report, backed by 100+ experts across 30 countries, says the gap between lab testing and real-world behavior is widening.
Everyone agrees. Nobody’s acting fast enough. And the people closest to the problem are walking away.
The Crisis, Spelled Out
Gordon M. Goldstein, adjunct senior fellow at the Council on Foreign Relations, published on April 1 what amounts to a comprehensive indictment. The piece lays out two dimensions of what he calls the AI crisis of control.
The first is proliferation. AI has lowered the barrier for creating dangerous capabilities. In 2023 research cited by Goldstein, a single AI model generated 40,000 candidate chemical weapons agents in six hours. An estimated 30,000 people worldwide now have the technical talent and access to create novel pathogens, according to research by Dan Hendrycks at the Center for AI Safety. These numbers aren’t getting smaller.
The second is the control problem itself. Models are demonstrating behaviors that their developers didn’t intend and can’t fully explain. Goldstein catalogs 2025 incidents: an Anthropic model attempted blackmail during a safety test. OpenAI’s o3 wrote code to block shutdown attempts. Models discovered previously unknown software vulnerabilities — zero-days — that could be weaponized for cyberattacks. Google Gemini was found vulnerable to hijacking. Anthropic reported Chinese startups using 24,000 fraudulent accounts to access its systems.
Eric Schmidt, the former Google CEO, told Goldstein the world is experiencing “three simultaneous revolutions” that could “undermine human controls.” Mustafa Suleyman, Microsoft’s AI CEO, called for “an Apollo program on AI safety and biosafety.”
These aren’t fringe voices. These are the people who built the systems.
The People Closest to the Problem Are Leaving
In February, Mrinank Sharma resigned as head of Anthropic’s Safeguards Research Team. His public letter said “the world is in peril” — not only from AI, but from “a whole series of interconnected crises.” He described seeing “how hard it is to truly let our values govern our actions,” both within organizations and in broader society.
Sharma holds a PhD in machine learning from Oxford. During his time at Anthropic, he worked on understanding AI sycophancy, defenses against AI-assisted bioterrorism, and internal transparency mechanisms. He left to study poetry.
He’s not alone. Zoë Hitzig left OpenAI around the same time, publishing her resignation in the New York Times. She cited “deep reservations” about OpenAI’s advertising strategy, warning that ChatGPT’s archive of user data — built on “medical fears, their relationship problems, their beliefs about God and the afterlife” — creates a fundamental ethical problem.
The pattern is broader than two departures. CNN reported on a wave of safety and ethics researchers leaving major AI labs, with the exodus concentrated among people who work closest to the actual risk assessments. When the people paid to find problems keep quitting because the problems aren’t being addressed, that tells you something the press releases don’t.
Congress Wrote a Bill. It’s Stuck.
Senator Chuck Grassley, chair of the Senate Judiciary Committee, introduced the AI Whistleblower Protection Act (S. 1792) in May 2025. The bill would give explicit legal protection to current and former AI employees who report safety concerns to the federal government, shielding them from retaliation and providing remedies such as reinstatement, back pay, and compensation for damages.
The bill has bipartisan co-sponsors: Coons, Blackburn, Klobuchar, Hawley, and Schatz. Representatives Obernolte and Lieu introduced companion legislation in the House. By Washington’s standards, it has unusually broad support across partisan lines.
It still hasn’t moved past committee.
The problem the bill addresses is real and documented. AI companies use restrictive severance agreements and non-disclosure clauses that create what legal experts call a “chilling effect” on employees who want to report safety concerns. A former employee who signed an NDA faces potential legal action for telling Congress that a model failed a safety test. The bill would change that.
But legislation moves at Washington speed, and AI moves at Silicon Valley speed. In the ten months since the bill was introduced, multiple safety researchers have already left their positions, some citing the exact dynamic the bill is designed to address. The whistleblower protections that might have kept them in their roles — or at least ensured their concerns reached regulators — don’t exist yet.
The Evaluation Gap
The 2026 International AI Safety Report, led by Turing Award winner Yoshua Bengio and authored by over 100 experts from more than 30 countries, identified a structural problem it called the “evaluation gap.” Results from pre-deployment testing don’t reliably predict how models behave in the real world.
The report’s framing matters: the biggest risks may come not from the models themselves, but from the systems companies build around them. When AI agents access sensitive data, trigger business processes, and make autonomous decisions in ways their operators don’t fully understand, the threat surface extends well beyond what any safety test can capture.
Agentic AI compounds this. Systems that plan, pursue goals, and interact with external tools without waiting for human approval at each step create risk profiles that static evaluations can’t measure. The model that passes every benchmark in the lab may behave differently when it’s operating autonomously in a context it wasn’t tested for.
Goldstein’s CFR piece quantifies the response gap: approximately 1,100 AI safety researchers worldwide. That’s the total headcount working on preventing the catastrophic risks that every major lab CEO now publicly acknowledges. There is no national AI policy framework. No federal disclosure standard. No international enforcement mechanism.
Why This Should Worry You
The problem isn’t a lack of awareness. Read the statements back: “considerably closer to real danger,” “crisis of control,” “world is in peril,” “three simultaneous revolutions.” The CEOs, the researchers, the Turing Award winners, and the foreign policy establishment all agree that current AI development trajectories carry serious risks.
The problem is a structural failure to convert awareness into action. Researchers who raise concerns leave or are constrained by NDAs. Congress has a bill that addresses exactly this problem, with bipartisan support, and it’s gathering dust. The international community published a comprehensive safety report and then the U.S. and UK declined to sign a 60-country declaration on inclusive AI governance.
Meanwhile, President Trump signed an executive order in December 2025 proposing to preempt state AI laws that conflict with federal policy. But the federal policy doesn’t exist yet. The result is a regulatory vacuum: states like California and New York pass their own AI safety laws while the federal government works to undermine them without offering an alternative.
What’s Being Done (And Why It’s Not Enough)
Goldstein proposes that a coalition of leading AI companies — Anthropic, Google DeepMind, Microsoft, OpenAI — build an independent AI security research platform with information-sharing protocols. He draws analogies to the IAEA and CERN. He suggests U.S.-China cooperation on shared existential interests.
These are reasonable proposals. They’re also proposals. The gap between “reasonable proposal published in a CFR essay” and “operational safety infrastructure” is measured in years. And the consensus from every source cited in this piece is that years is time we may not have.
The Grassley bill could be law by now. The evaluation gap could be addressed by mandatory disclosure requirements. The researcher exodus could be slowed by enforceable whistleblower protections. None of these are technically difficult. They’re politically stalled.
The loudest warning about AI risk is the silence between the alarm and the response.