xAI
Grok 4.5
v4.5 · frontier · Released July 8, 2026
Updated July 9, 2026
Released July 8, 2026, Grok 4.5 is explicitly designed for sustained autonomous operation ("agentic rollouts can run for many hours") and is immediately available via API and in Cursor on all plans. The launch announcement contains no safety card, model card, or red-team disclosure. The model is withheld from the EU at launch, expected mid-July, in a timeline that coincides with EU AI Act GPAI systemic risk obligations taking effect August 2, 2026.
Enterprise guidance
Do not deploy Grok 4.5 in regulated workloads until xAI publishes a safety card or third-party evaluation. For agentic use cases, define explicit scope limits and human approval gates before deployment: the model is designed for hours-long autonomous operation and will use that capability if not constrained. EU organizations should wait until EU availability is confirmed and EU AI Act compliance documentation is published. Cursor users should review data processing terms before using Grok 4.5 for tasks that may involve proprietary code.
Active Compliance Flags2
No safety evaluation, model card, or red-team report published at launch. Cannot complete standard vendor AI risk assessment until xAI publishes safety documentation.
Primary source →EU access withheld at launch. Timeline coincides with EU AI Act GPAI systemic risk obligations taking effect August 2, 2026. Regulatory compliance status unclear.
Primary source →Data handling
Default data retention
Not published
Zero-retention available
NoNot published
API data used for training
NoxAI trained Grok 4.5 on real Cursor developer session data. API usage data policy not yet clarified. Review x.ai/legal/privacy before production use.
GDPR Data Processing Agreement
Not availableHIPAA Business Associate Agreement
Not availableBAA listed in xAI enterprise legal documents (x.ai/legal); confirm scope covers Grok 4.5
Data residency options
US (default); EU not available
Vendor compliance certifications
Key use restrictions
- —xAI AUP prohibits: CSAM, harmful content, and illegal activities (see x.ai/legal/aup)
- —EU deployment not currently available
- —Agentic use cases: explicitly designed for hours-long autonomous operation; define scope and time limits before deployment
- —Cursor training data: review Cursor data processing terms if organization uses Cursor
Safety documentation
No safety documentation published at launch. xAI has not submitted Grok 4.5 to any public benchmark or independent safety evaluator as of release date. Monitor x.ai/news for safety card publication.
Related governance resources
Governance controls
AI Vendor Due Diligence
Assess AI vendors against security, governance, and compliance criteria before procurement and at defined intervals during the vendor relationship.
AI Procurement Risk Assessment
Assess and document the risks of procuring an AI system or service before approval, including technical, legal, privacy, and operational risks.
Third-Party AI Model Evaluation
Evaluate third-party AI models against defined performance, safety, and bias criteria before deploying them in enterprise workflows.
Agent Scope and Task Boundaries
Define and enforce the boundaries of what an AI agent is permitted to do, preventing it from expanding its activity beyond its intended purpose.
Human Approval Gate for Irreversible Agent Actions
Require explicit human approval before an AI agent takes actions that are difficult or impossible to reverse, such as sending communications, modifying records, executing transactions, or deleting data.
Agentic Autonomy Expansion Criteria
Define standardized criteria for incrementally widening an AI agent's autonomy thresholds after initial deployment, ensuring that autonomy expansions are deliberate, evidence-based, and approved through the same governance process as initial deployment.
Playbook guides
How do we ensure third-party AI vendors meet our standards?
Extending vendor due diligence to cover model transparency, data handling, bias testing, and contractual liability for AI outputs.
How are we managing third-party AI risks?
Governing the use of external AI APIs and vendor-embedded models, including data handling, documentation requirements, and ongoing monitoring.
Status history
July 9, 2026· yellow to yellow
Released July 8, 2026, Grok 4.5 is explicitly designed for sustained autonomous operation ("agentic rollouts can run for many hours") and is immediately available via API and in Cursor on all plans. The launch announcement contains no safety card, model card, or red-team disclosure. The model is withheld from the EU at launch, expected mid-July, in a timeline that coincides with EU AI Act GPAI systemic risk obligations taking effect August 2, 2026.
