False Friends in the Shell: Unveiling the Emoticon Semantic Confusion in Large Language Models

TL;DR

This paper uncovers a vulnerability in large language models where emoticons cause misinterpretation, leading to silent failures and potential security risks, highlighting the need for better mitigation strategies.

Contribution

It systematically studies emoticon semantic confusion in LLMs, introduces a dataset of test cases, and reveals its widespread occurrence and security implications.

Findings

Over 38% average confusion ratio across six LLMs.

More than 90% of confused responses are silent failures.

Vulnerability transfers to popular agent frameworks and resists prompt-based mitigation.

Abstract

Emoticons are widely used in digital communication to convey affective intent, yet their safety implications for Large Language Models (LLMs) remain largely unexplored. In this paper, we identify emoticon semantic confusion, a vulnerability where LLMs misinterpret ASCII-based emoticons to perform unintended and even destructive actions. To systematically study this phenomenon, we develop an automated data generation pipeline and construct a dataset containing 3,757 code-oriented test cases spanning 21 meta-scenarios, four programming languages, and varying contextual complexities. Our study on six LLMs reveals that emoticon semantic confusion is pervasive, with an average confusion ratio exceeding 38%. More critically, over 90% of confused responses yield 'silent failures', which are syntactically valid outputs but deviate from user intent, potentially leading to destructive security consequences. Furthermore, we observe that this vulnerability readily transfers to popular agent frameworks, while existing prompt-based mitigations remain largely ineffective. We call on the community to recognize this emerging vulnerability and develop effective mitigation methods to uphold the safety and reliability of the LLM system.