When Convenience Becomes Risk: A Semantic View of Under-Specification in Host-Acting Agents

Computer Science > Cryptography and Security [Submitted on 22 Mar 2026] When Convenience Becomes Risk: A Semantic View of Under-Specification in Host-Acting Agents Di Lu, Yongzhi Liao, Xutong Mu, Lele Zheng, Ke Cheng, Xuewen Dong, Yulong Shen, Jianfeng Ma Host-acting agents promise a convenient interaction model in which users specify goals and the system determines how to realize them. We argue that this convenience introduces a distinct security problem: semantic under-specification in goal specification. User instructions are typically goal-oriented, yet they often leave process constraints, safety boundaries, persistence, and exposure insufficiently specified. As a result, the agent must complete missing execution semantics before acting, and this completion can produce risky host-side plans even when the user-stated goal is benign. In this paper, we develop a semantic threat model, present a taxonomy of semantic-induced risky completion patterns, and study the phenomenon through an OpenClaw-centered case study and execution-trace analysis. We further derive defense design principles for making execution boundaries explicit and constraining risky completion. These findings suggest that securing host-acting agents requires governing not only which actions are allowed at execution time, but also how goal-only instructions are translated into executable plans. Subjects: Cryptography and Security (cs.CR); Artificial Intelligence (cs.AI) Cite as: arXiv:2603.21231 [cs.CR]   (or arXiv:2603.21231v1 [cs.CR] for this version)   https://doi.org/10.48550/arXiv.2603.21231 Focus to learn more Submission history From: Di Lu [view email] [v1] Sun, 22 Mar 2026 13:42:21 UTC (133 KB) Access Paper: HTML (experimental) view license Current browse context: cs.CR < prev   |   next > new | recent | 2026-03 Change to browse by: cs cs.AI References & Citations NASA ADS Google Scholar Semantic Scholar Export BibTeX Citation Bookmark Bibliographic Tools Bibliographic and Citation Tools Bibliographic Explorer Toggle Bibliographic Explorer (What is the Explorer?) Connected Papers Toggle Connected Papers (What is Connected Papers?) Litmaps Toggle Litmaps (What is Litmaps?) scite.ai Toggle scite Smart Citations (What are Smart Citations?) Code, Data, Media Demos Related Papers About arXivLabs Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)