AI Security Review
scanned 4h ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The package is a Korean law MCP/CLI that performs user-invoked API calls and has an explicit setup wizard that writes package-owned MCP server entries.
Decision evidence
public snapshot- build/setup.js explicitly writes MCP client configs for Claude Desktop, Claude Code .mcp.json, Cursor, VS Code, Windsurf, Gemini CLI, Zed, and Antigravity when user runs setup.
- build/setup.js can store user-provided LAW_OC in selected client config env.
- package.json has no preinstall/install/postinstall; prepare is husky and prepublishOnly builds only.
- build/index.js only starts MCP over stdio or user-selected HTTP/SSE mode; setup is an explicit subcommand.
- Network use is aligned with Korean law APIs: www.law.go.kr and taxlaw.nts.go.kr.
- build/lib/fetch-with-retry.js masks API key query parameters in error URLs.
- No child_process, eval, dynamic remote code loading, destructive file operations, or credential harvesting found in inspected source.
Source & flagged code
2 flagged · loading sourcebuild/setup.js explicitly writes MCP client configs for Claude Desktop, Claude Code .mcp.json, Cursor, VS Code, Windsurf, Gemini CLI, Zed, and Antigravity when user runs setup.
build/setup.jsView on unpkgbuild/setup.js can store user-provided LAW_OC in selected client config env.
build/setup.jsView on unpkg