Booz Allen has released a report examining how foreign-developed large language models could affect software security in U.S. government and critical infrastructure environments. The report, titled “What’s In America’s Code?,” evaluated four Chinese frontier models and one American model across software development and security workflows.

The analysis covered more than 2,800 trials and nearly 450,000 lines of code. Booz Allen found that three of the four Chinese models produced significantly more vulnerable code when prompted with a U.S. government persona, and that the vulnerabilities were highly obfuscated. The firm said the findings raise concerns about the use of untrusted AI models in software supply chains tied to national security and critical functions.

The report also found that the tested foreign models showed political bias aligned with the People’s Republic of China, including refusals of certain politically sensitive requests and China-aligned perspectives in generated outputs. Booz Allen recommended banning untrusted AI models from government and critical infrastructure environments when they cannot demonstrate reliable and trustworthy behavior.

The firm also called for greater public-private coordination to support trusted domestic AI options. Booz Allen said American AI companies should work with the U.S. government to ensure American models are “both commercially compelling and economically viable.”

Read more