korean-law-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches and parses public third‑party legal content (via the korean-law-mcp remote endpoint and the fallback REST/MCP calls to the public "법망" API at https://api.beopmang.org and the 법제처 Open API https://open.law.go.kr) and the agent is required to read those results to choose searches/ids and next actions (e.g., selecting mst/article and which tool to call), so external content could materially influence behavior.