Guardado en:
Detalles Bibliográficos
Autores principales: Wang, Jiacheng, Hou, Jinchang, Wang, Fabian, Jian, Ping, Bao, Chenfu, Lv, Zhonghou
Formato: Preprint
Publicado: 2026
Materias:
Acceso en línea:https://arxiv.org/abs/2604.13954
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
_version_ 1866911595814191104
author Wang, Jiacheng
Hou, Jinchang
Wang, Fabian
Jian, Ping
Bao, Chenfu
Lv, Zhonghou
author_facet Wang, Jiacheng
Hou, Jinchang
Wang, Fabian
Jian, Ping
Bao, Chenfu
Lv, Zhonghou
contents Existing agent-safety evaluation has focused mainly on externally induced risks. Yet agents may still enter unsafe trajectories under benign conditions. We study this complementary but underexplored setting through the lens of \emph{intrinsic} risk, where intrinsic failures remain latent, propagate across long-horizon execution, and eventually lead to high-consequence outcomes. To evaluate this setting, we introduce \emph{non-attack intrinsic risk auditing} and present \textbf{HINTBench}, a benchmark of 629 agent trajectories (523 risky, 106 safe; 33 steps on average) supporting three tasks: risk detection, risk-step localization, and intrinsic failure-type identification. Its annotations are organized under a unified five-constraint taxonomy. Experiments reveal a substantial capability gap: strong LLMs perform well on trajectory-level risk detection, but their performance drops to below 35 Strict-F1 on risk-step localization, while fine-grained failure diagnosis proves even harder. Existing guard models transfer poorly to this setting. These findings establish intrinsic risk auditing as an open challenge for agent safety.
format Preprint
id arxiv_https___arxiv_org_abs_2604_13954
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle HINTBench: Horizon-agent Intrinsic Non-attack Trajectory Benchmark
Wang, Jiacheng
Hou, Jinchang
Wang, Fabian
Jian, Ping
Bao, Chenfu
Lv, Zhonghou
Machine Learning
Artificial Intelligence
Existing agent-safety evaluation has focused mainly on externally induced risks. Yet agents may still enter unsafe trajectories under benign conditions. We study this complementary but underexplored setting through the lens of \emph{intrinsic} risk, where intrinsic failures remain latent, propagate across long-horizon execution, and eventually lead to high-consequence outcomes. To evaluate this setting, we introduce \emph{non-attack intrinsic risk auditing} and present \textbf{HINTBench}, a benchmark of 629 agent trajectories (523 risky, 106 safe; 33 steps on average) supporting three tasks: risk detection, risk-step localization, and intrinsic failure-type identification. Its annotations are organized under a unified five-constraint taxonomy. Experiments reveal a substantial capability gap: strong LLMs perform well on trajectory-level risk detection, but their performance drops to below 35 Strict-F1 on risk-step localization, while fine-grained failure diagnosis proves even harder. Existing guard models transfer poorly to this setting. These findings establish intrinsic risk auditing as an open challenge for agent safety.
title HINTBench: Horizon-agent Intrinsic Non-attack Trajectory Benchmark
topic Machine Learning
Artificial Intelligence
url https://arxiv.org/abs/2604.13954