The issue is that you wouldn't be able to even transparently get to any evidence, as these models are blackboxes.
They might start scheming behind employees backs as soon as they realize they are being used in critical infrastructure of adversaries. And nobody would know until it's too late.
Aren't all LLMs just as blackboxey?
If you sell a blackbox that you constructed yourself, then you are also liable for anything that happens.
If you sell a blackbox from a third-party (e.g. from China), you are liable for somebody else's decisions that you cannot scrutinize.
So, that's kind of the argumentation that underlies sovereignty and why Chinese Models are not being used in critical infrastructure.