
Industry calls for strengthening APP risk classification and grading management in the AI era

2025-08-05   

With the convening of the 2025 World Conference on Artificial Intelligence, how to apply artificial intelligence (AI) safely in the rapidly developing mobile Internet has become a focus of attention. Industry insiders have recently said that regulators, equipment manufacturers, and software service providers should strengthen cooperation to jointly ensure the stable development of the industry while preventing new risks.

The Mobile Internet Application Program (APP) Risk Classification and Grading Guide (2025), jointly released by the Thayer Terminal Laboratory of the Chinese Academy of Communications and the Institute of Standards (hereinafter referred to as the "Guide"), pointed out that by the end of 2024, the number of mobile Internet users had reached 1.57 billion, and the annual mobile Internet access traffic had reached 337.6 billion GB. The increasingly rich APP landscape also places higher requirements on whole-chain, whole-process risk management in APP governance. In particular, with AI applications developing rapidly, embedding AI plugins in apps has become an important way of attracting users and is profoundly changing the landscape of the mobile application market.

The Guide states that AI poses great challenges to content review and functional detection, and has shown drawbacks such as lowering the threshold for malicious developers. With AI tools, malicious applications can be quickly mass-produced and their malicious features changed dynamically, which increases the difficulty of detection. For example, AI can automatically refactor code logic, modify interface naming, or add redundant code to generate application variants with the same functionality, greatly increasing the sample analysis pressure on security checks.

The Guide also points out that the risk of malicious exploitation through technological updates and iterations is constantly escalating. During the review and listing stages on mobile application distribution platforms, some developers may disguise malicious apps as normal apps. Once users complete the download and installation process, or once certain specific triggering conditions are met during use, the app can download and install a new version containing malicious code or illegal content through a hot update, achieving the "replacement" and "face changing" of the app.

The Guide classifies APP risks into six categories: privacy and security risks, malicious behavior risks, service abnormality risks, property security risks, content security risks, and risks to the safety of minors. Based on the degree of damage that APP risks cause to different objects such as social order, public interest, system security, and users' legal rights, the risk level is divided into four levels: extremely high, high, medium, and low. For different risk levels, the Guide suggests that different entities can implement different management measures at the various stages of the APP's lifecycle. The Guide points out that it is necessary to promote consensus among all parties on the types and degrees of risks associated with apps, in order to provide a reference for current app risk prevention and governance.

The Guide states that the healthy development of the mobile Internet industry is inseparable from the cooperation of all parties across the whole industry chain: enterprises need to enhance their awareness of compliant development and carry risk prevention and control through the whole product life cycle; mobile application distribution platforms should optimize their auditing capabilities and strengthen inspections when apps are listed; mobile terminal manufacturers need to enhance their risk detection capabilities and strengthen monitoring of APP risk behaviors; and the management department needs to continuously improve laws and regulations and clarify risk definitions and punishment standards. In addition, industry associations are encouraged to develop self-discipline standards, promote self-restraint and management of APP-related entities, and jointly build a good industry development ecology.

In response to the advent of the era of large AI model applications, industry experts have identified industry pain points and found that collaboration between mobile phone manufacturers and APP service providers is the key to maintaining stable development. He Bo, director of the Internet Law Research Center of the Chinese Academy of Communications, said that the Regulations on the Administration of Network Data Security, which came into effect on January 1 this year, made special provisions on data processing activities involving emerging technologies such as automated tools and generative artificial intelligence. With the iteration and updating of technology, AI-related policies, regulations, and prevention and control measures will continue to be updated and optimized. The release of this Guide will also help normalize and standardize the prevention of related technological risks in the AI era, guide all parties in the industry to further deepen cooperation, strengthen data sharing and technology exchange mechanisms, and jointly explore effective strategies to deal with emerging risks. (New Society)

Edit: Momo. Responsible editor: Chen zhaozhao

Source: Economic Information Daily
