I don’t think US companies could ever fully trust models sponsored by foreign adversaries. How would you ever verify they are safe?
Provenance of training set is going to be critical. It’s largely ignored now, but the first time a malicious exfiltration occurs it will go off as if a bomb was detonated.
Only way would be an actual open source model: code + training data