User OAuth 로그인을 시작합니다. 반환된 URL을 브라우저에서 열어 NAVER WORKS에 로그인하세요. 로그인 완료 후 자동으로 토큰이 저장됩니다. 중요: scope를 지정하지 마세요. 기본값이 모든 API(캘린더, 메일, 할일, 드라이브, 게시판)를 포함하므로 한 번 로그인으로 전체 기능을 사용할 수 있습니다. scope를 좁게 지정하면 다른 기능 사용 시 재로그인이 필요합니다.
AI agents invoke nworks_login_user to trigger actions in Nworks. What it does depends on the arguments the agent supplies, and its effects often reach beyond the immediate call — builds kicked off, notifications sent, workflows started.
This tool initiates an OAuth authentication flow, triggers an external browser action, and automatically stores credentials/tokens. It executes an external operation (OAuth flow + token storage) with broad scope covering all APIs (calendar, mail, tasks, drive, boards). Misuse could grant an agent persistent access tokens to the entire NAVER WORKS account.
From the tool's definition User OAuth 로그인을 시작합니다 (Initiates User OAuth login); 반환된 URL을 브라우저에서 열어 NAVER WORKS에 로그인 (opens URL in browser to login); 로그인 완료 후 자동으로 토큰이 저장됩니다 (tokens are automatically saved after login)
Documented attack patterns abuse exactly the kind of access nworks_login_user gives an agent:
PolicyLayer is an MCP gateway — it sits between your AI agents and Nworks, and nothing reaches the server without passing your rules. This is the rule we recommend for nworks_login_user:
{
"version": "1",
"default": "deny",
"tools": {
"nworks_login_user": {
"limits": [
{
"counter": "nworks_login_user_rate",
"window": "minute",
"max": 10,
"scope": "grant"
}
]
}
}
}nworks_login_user stays usable, but rate-capped — a runaway agent can't fire it dozens of times a minute. Everything else on the server is denied unless you say otherwise.
Free to start. No card required.
User OAuth 로그인을 시작합니다. 반환된 URL을 브라우저에서 열어 NAVER WORKS에 로그인하세요. 로그인 완료 후 자동으로 토큰이 저장됩니다. 중요: scope를 지정하지 마세요. 기본값이 모든 API(캘린더, 메일, 할일, 드라이브, 게시판)를 포함하므로 한 번 로그인으로 전체 기능을 사용할 수 있습니다. scope를 좁게 지정하면 다른 기능 사용 시 재로그인이 필요합니다. It is categorised as a Execute tool in the Nworks MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.
Register the Nworks MCP server in PolicyLayer and add a rule for nworks_login_user: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Nworks. Nothing to install.
nworks_login_user is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.
Yes. Add a rate_limit block to the nworks_login_user rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for nworks_login_user. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
nworks_login_user is provided by the Nworks MCP server (yjcho9317/nworks). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Start from Nworks, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.
Free to start. No card required.
26 Nworks tools catalogued and risk-classified — across an index of 43,000+ MCP servers.