registry  /  korean-law-mcp  /  4.4.4

korean-law-mcp@4.4.4

법제처 42개 API → 9개 MCP 도구. 법령·판례·조례·조약 + 다단계 리서치(legal_research, 8 task) + 정밀분석(legal_analysis: 인용검증·판례생사·행위시법·영향그래프) + 시점 비교(time_travel) + 상황별 5단계 안내(action_plan) + 국세청 해석례(nts)

AI Security Review

scanned 4h ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
No blocking static signals were detected.
Trigger
User runs `korean-law-mcp setup` or `npx korean-law-mcp setup` and selects target clients
Impact
Adds a korean-law MCP server entry and optional LAW_OC env value to selected client configs; enables package tools when the client starts it.
Mechanism
explicit user-command MCP client config mutation
Rationale
Source inspection does not show malicious behavior or unconsented lifecycle mutation, but explicit user-command AI-agent config mutation is a lifecycle risk under policy. Treat as warn rather than block.
Evidence
package.jsonbuild/index.jsbuild/setup.jsbuild/cli.jsbuild/lib/api-client.jsbuild/lib/fetch-with-retry.jsbuild/server/http-server.jsbuild/lib/external-https-proxy.jsClaude Desktop claude_desktop_config.json./.mcp.json~/.cursor/mcp.json./.vscode/mcp.json~/.codeium/windsurf/mcp_config.json~/.gemini/settings.jsonZed settings.json~/.gemini/antigravity/mcp_config.json
Network endpoints3
www.law.go.kr/DRFopen.law.go.kr/LSO/openApi/guideResult.dotaxlaw.nts.go.kr/action.do

Decision evidence

public snapshot
AI called this Suspicious at 84.0% confidence as Benign with medium false-positive risk.
Evidence for warning
  • build/setup.js implements explicit `setup` command that writes MCP entries into Claude Desktop, Claude Code `.mcp.json`, Cursor, VS Code, Windsurf, Gemini, Zed, and Antigravity config paths.
  • build/setup.js stores the entered LAW_OC API key in selected client config env and configures command `npx -y korean-law-mcp`.
Evidence against
  • package.json has no preinstall/install/postinstall hooks; only prepublishOnly build script.
  • build/index.js only starts MCP over stdio or user-selected HTTP/SSE mode, with setup behind `args[0] === "setup"`.
  • build/lib/api-client.js network calls are package-aligned Korean law API requests using `www.law.go.kr/DRF`.
  • build/cli.js uses LAW_OC or --apiKey for user-invoked legal search tools; no credential harvesting or exfiltration found.
  • No child_process execution, eval/vm/Function, native binary loading, destructive file operations, or persistence beyond explicit setup config writes found.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 101 file(s), 770 KB of source, external domains: 0.0.0.0, glaw.scourt.go.kr, library.scourt.go.kr, open.law.go.kr, taxlaw.nts.go.kr, www.elis.go.kr, www.law.go.kr, www.moleg.go.kr

Source & flagged code

2 flagged · loading source
build/setup.jsView file
Published source reference
Medium
Ai Review Evidence

build/setup.js implements explicit `setup` command that writes MCP entries into Claude Desktop, Claude Code `.mcp.json`, Cursor, VS Code, Windsurf, Gemini, Zed, and Antigravity config paths.

build/setup.jsView on unpkg
Published source reference
Medium
Ai Review Evidence

build/setup.js stores the entered LAW_OC API key in selected client config env and configures command `npx -y korean-law-mcp`.

build/setup.jsView on unpkg

Findings

4 Medium5 Low
MediumNetwork
MediumEnvironment Vars
MediumAi Review Evidencebuild/setup.js
MediumAi Review Evidencebuild/setup.js
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings