日本の法令から条文を取得する。略称(消法・所法・労基法 等)対応。条/項/号レベル指定可能。
AI agents call get_law to retrieve information from Houki e-Gov MCP Server without modifying anything — typically the context-gathering step in research, monitoring, and reporting workflows, before the agent takes action elsewhere.
This tool performs read-only retrieval of legal text from the e-Gov API. It searches and fetches law articles based on abbreviations and hierarchical specifications (条/項/号), which is fundamentally a data retrieval operation. There are no side effects, modifications, deletions, or command execution involved. The blast radius of misuse is minimal—an agent could only retrieve already-public legal information.
From the tool's definition Tool description indicates 'get_law' retrieves (取得する) articles from Japanese laws; the functionality includes fetching specific provisions at the clause/subsection/item level and resolving abbreviations, with no modification, deletion, or execution…
Attacks that exploit this kind of access
日本の法令から条文を取得する。略称(消法・所法・労基法 等)対応。条/項/号レベル指定可能。. It is categorised as a Read tool in the Houki e-Gov MCP Server MCP Server, which means it retrieves data without modifying state.
Register the Houki e-Gov MCP Server MCP server in PolicyLayer and add a rule for get_law: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Houki e-Gov MCP Server. Nothing to install.
get_law is a Read tool with low risk. Read-only tools are generally safe to allow by default.
Yes. Add a rate_limit block to the get_law rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for get_law. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
get_law is provided by the Houki e-Gov MCP Server MCP server (shuji-bonji/houki-egov-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →