Abstract: Against the backdrop of the rising trend of de-globalization, national security exception clauses in international investment agreements (IIAs) have shown a new tendency toward overgeneralized application. Specifically, three key shifts have occurred: their legal nature has transformed from a "passive defense" tool to an "actively discretionary" measure; the tension between the "legal form" and "political intent" inherent in security reviews has intensified, leading to a distortion in the nature of these reviews; and their regulatory scope has expanded from "traditional security" to include "non-traditional security" domains. Such overgeneralization is exemplified by the U.S. Foreign Investment Risk Review Modernization Act (FIRRMA) and the TikTok case. These cases illustrate how the United States and Europe employ the "self-judging" mechanism of national security exception clauses for protectionist purposes, thereby posing new challenges to the protection of China's overseas investment interests. By redefining the three core application elements of these clauses—semantic boundaries, legitimate interest requirements, and the principle of proportionality—this paper exposes the legal paradoxes and interpretive biases in their overgeneralized application and proposes corresponding response strategies. First, it suggests improving the content of national security exception clauses in bilateral investment treaties (BITs): defining the scope of sensitive areas, incorporating transparency obligations, and establishing compensation mechanisms. Second, it advocates reforming the jurisdictional pathway of international investment arbitration: including national security review decisions within the jurisdiction of the International Centre for Settlement of Investment Disputes (ICSID) and constructing a four-tier hierarchical review mechanism comprising "preliminary proof, substantive relevance, proportionality test, and legitimacy of purpose". Finally, it recommends guiding enterprises to adapt their overseas capital deployment models: building a security risk firewall through Variable Interest Entity (VIE) structures, separating control rights from beneficial rights to avoid identity-based reviews by host countries, and thus maximizing the protection of overseas investment interests.