Fully self-hostable under Apache 2.0 means zero data-sovereignty risk when run locally, but the absence of a SECURITY.md, bug bounty, or responsible disclosure process leaves the security posture below what production teams should expect from an Alibaba-backed model at this scale.
Generally trustworthy — some hardening recommended before team or production use. See .
⚠The team behind this tool is not publicly identified. Treat with extra caution — anonymous authorship is a significant trust risk.
Score Summary
Claim Accuracy4/5
Data & Privacy4/5
Security Posture3/5
Transparency4/5
Key Findings
›Released April 16, 2026 under Apache 2.0 — free for commercial and research use with no usage-based fee or registration required. Source: https://github.com/QwenLM/Qwen3.6
›Sparse MoE architecture: 35B total parameters, only ~3B activated per forward pass, enabling frontier-class coding performance at roughly the inference cost of a 3B model. Source: https://huggingface.co/Qwen/Qwen3.6-35B-A3B
›Fully self-hostable on standard hardware (approximately 21 GB VRAM at Q4_K_M quantization); when self-hosted, no user data leaves the operator's infrastructure. Source: https://github.com/QwenLM/Qwen3.6
›When accessed via Alibaba Cloud Model Studio API, data handling is governed by Alibaba Cloud's privacy policy, which retains personal data for the duration of legitimate business need and permits research/statistical use of aggregated data — operators must assess this against their own compliance requirements. Source: https://www.alibabacloud.com/help/en/legal/latest/alibaba-cloud-international-website-privacy-policy
›No SECURITY.md, published bug bounty, or responsible disclosure policy was found in the QwenLM/Qwen3.6 repository as of this review. Third-party red-teaming of an earlier Qwen 2.5 72B model found sensitive information disclosure as a high-severity concern. Source: https://github.com/QwenLM/Qwen3.6, https://promptfoo.dev/models/reports/qwen-2.5-72b