registry  /  korean-law-mcp  /  4.7.0

korean-law-mcp@4.7.0

법제처 42개 API → 9개 MCP 도구. 법령·판례·조례·조약 + 다단계 리서치(legal_research, 8 task) + 정밀분석(legal_analysis: 인용검증·판례생사·행위시법·영향그래프) + 시점 비교(time_travel) + 상황별 5단계 안내(action_plan) + 국세청 해석례(nts)

AI Security Review

scanned 5h ago · by lpm-firewall-ai

No confirmed malicious attack surface is established. The package is a Korean law MCP/CLI that performs user-invoked API calls and has an explicit setup wizard that writes package-owned MCP server entries.

Static reason
No blocking static signals were detected.
Trigger
Runtime use via korean-law-mcp, korean-law CLI, or explicit korean-law-mcp setup
Impact
User-requested law queries and optional package-owned MCP registration; no unconsented install-time mutation or exfiltration found
Mechanism
MCP server and CLI for Korean law API lookup; explicit MCP client config setup
Rationale
The only agent-control writes are part of an explicit setup command and register this package's own MCP server, which is warn-level at most under the policy but no concrete malicious chain is present. Runtime network and environment-variable use are package-aligned with Korean law API access and user-supplied API keys.
Evidence
package.jsonbuild/index.jsbuild/cli.jsbuild/setup.jsbuild/lib/api-client.jsbuild/lib/fetch-with-retry.jsbuild/lib/law-url-config.jsbuild/tools/precedents.jsbuild/lib/external-https-proxy.jsClaude/claude_desktop_config.json.mcp.json.cursor/mcp.json.vscode/mcp.json.codeium/windsurf/mcp_config.json.gemini/settings.json.zed/settings.json.config/zed/settings.json.gemini/antigravity/mcp_config.json
Network endpoints4
www.law.go.kr/DRFwww.law.go.kr/open.law.go.kr/LSO/openApi/guideResult.dotaxlaw.nts.go.kr/action.do

Decision evidence

public snapshot
AI called this Clean at 92.0% confidence as Benign with low false-positive risk.
Evidence for block
  • build/setup.js explicitly writes MCP client configs for Claude Desktop, Claude Code .mcp.json, Cursor, VS Code, Windsurf, Gemini CLI, Zed, and Antigravity when user runs setup.
  • build/setup.js can store user-provided LAW_OC in selected client config env.
Evidence against
  • package.json has no preinstall/install/postinstall; prepare is husky and prepublishOnly builds only.
  • build/index.js only starts MCP over stdio or user-selected HTTP/SSE mode; setup is an explicit subcommand.
  • Network use is aligned with Korean law APIs: www.law.go.kr and taxlaw.nts.go.kr.
  • build/lib/fetch-with-retry.js masks API key query parameters in error URLs.
  • No child_process, eval, dynamic remote code loading, destructive file operations, or credential harvesting found in inspected source.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 110 file(s), 836 KB of source, external domains: 0.0.0.0, glaw.scourt.go.kr, library.scourt.go.kr, open.law.go.kr, taxlaw.nts.go.kr, www.elis.go.kr, www.law.go.kr, www.moleg.go.kr

Source & flagged code

2 flagged · loading source
build/setup.jsView file
Published source reference
Low
Ai Review Evidence

build/setup.js explicitly writes MCP client configs for Claude Desktop, Claude Code .mcp.json, Cursor, VS Code, Windsurf, Gemini CLI, Zed, and Antigravity when user runs setup.

build/setup.jsView on unpkg
Published source reference
Low
Ai Review Evidence

build/setup.js can store user-provided LAW_OC in selected client config env.

build/setup.jsView on unpkg

Findings

2 Medium7 Low
MediumNetwork
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowAi Review Evidencebuild/setup.js
LowAi Review Evidencebuild/setup.js