Search papers, labs, and topics across Lattice.
This paper investigates the gap between user understanding and the actual capabilities of personalized computer-use agents, focusing on risks, delegated authority, and post-execution effects. Through a corpus analysis of the OpenClaw ecosystem and user interviews, the study reveals that while users acknowledge abstract risks, they lack concrete mental models of agent actions and resource access. To address this, the authors propose AgentTrace, a traceability framework and interface prototype that visualizes agent actions, resource interactions, and permission history, demonstrating improved user understanding and anomaly detection.
Users often dangerously misunderstand the true scope of authority they've granted to computer-use agents, even while recognizing abstract risks.
Personalized computer-use agents are rapidly moving from expert communities into mainstream use. Unlike conventional chatbots, these systems can install skills, invoke tools, access private resources, and modify local environments on users'behalf. Yet users often do not know what authority they have delegated, what the agent actually did during task execution, or whether the system has been safely removed afterward. We investigate this gap as a combined problem of risk understanding and post-hoc auditability, using OpenClaw as a motivating case. We first build a multi-source corpus of the OpenClaw ecosystem, including incidents, advisories, malicious-skill reports, news coverage, tutorials, and social-media narratives. We then conduct an interview study to examine how users and practitioners understand skills, autonomy, privilege, persistence, and uninstallation. Our findings suggest that participants often recognized these systems as risky in the abstract, but lacked concrete mental models of what skills can do, what resources agents can access, and what changes may remain after execution or removal. Motivated by these findings, we propose AgentTrace, a traceability framework and prototype interface for visualizing agent actions, touched resources, permission history, provenance, and persistent side effects. A scenario-based evaluation suggests that traceability-oriented interfaces can improve understanding of agent behavior, support anomaly detection, and foster more calibrated trust.
