← Back to Skills Marketplace
legal-cn-api
by
Felix Feng
· GitHub ↗
· v1.0.0
· MIT-0
98
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install legal-cn-api
Description
提供结构化中国法律条文检索API,按次付费,数据自动更新,支持实时查询最新法律法规内容。
README (SKILL.md)
legal-cn-api - 中国法律条文检索付费 API
给 AI Agents 提供准确、结构化、可直接调用的中国法律条文检索,按次付费,不需要自己建库。
🎯 解决什么问题
AI Agents 在处理涉及中国法律的问题时,经常需要查阅最新的法律法规。自己搭建法律数据库成本高、维护麻烦,使用本服务可以:
- ✅ 即拿即用:直接调用 API 获取结构化法律条文
- ✅ 按次付费:用多少付多少,成本极低(每次搜索约 0.000007 人民币)
- ✅ 去中心化:付费直接到开发者钱包,没有中间商抽成
- ✅ 自动更新:每季度同步最新法律法规
📊 数据规模
- 2,416 部现行有效法律
- 81,529 条具体条文
- 更新到 2026 年 7 月
- 分类完善:民法、刑法、行政法、经济法、社会法、诉讼法等
💰 付费模式
基于 x402 协议(USDC on Base)实现微支付,三层定价:
- 获取分类信息:✅ 免费
- 单次查询:0.001 USDC ≈ 0.007 人民币
- 包月套餐:即将推出(优惠价)
为什么这么定价:
- 极低试用门槛,任何人都敢尝试
- 价格覆盖微支付链上成本,可持续运营
- 就算一天搜索 1000 次,也才 7 毛钱,用户完全不心疼
- 去中心化:付费直接到开发者钱包,不需要托管
- 自动验证:协议自动验证支付,无需人工干预
🚀 快速部署
1. 克隆项目
git clone https://github.com/fengsu82/legal-cn-api
cd legal-cn-api
2. 安装依赖
pip install -r requirements.txt
3. 启动 Meilisearch
docker-compose up -d
4. 导入数据
数据来自公开项目 pengxiao1997/china_law,自动导入。
bash update_database.sh
5. 配置支付
cp config.py.example config.py
# 编辑 config.py,填入你的钱包地址和私钥
6. 启动服务
uvicorn main:app --host 0.0.0.0 --port 8000
📚 API 使用
GET /api/v1/search
参数:
q: 搜索关键词limit: 返回数量(默认 10,最大 50)
返回示例:
{
"success": true,
"results": [
{
"law_title": "中华人民共和国民法典",
"article_no": "第五条",
"article_title": "自愿原则",
"content": "民事主体从事民事活动,应当遵循自愿原则,按照自己的意思设立、变更、终止民事法律关系。",
"effective_date": "2021-01-01",
"category": "民法",
"score": 0.98
}
],
"total": 12
}
GET /categories
免费接口,获取所有法律分类及条文数量。
GET /health
健康检查。
🛠 技术栈
- FastAPI - 高性能 Web 框架
- Meilisearch - 全文搜索引擎,毫秒级响应
- x402 - 去中心化微支付协议
- USDC on Base - 稳定币支付网络
📄 许可证
MIT License —— 可以自由使用、修改、分发。
👨💼 作者
Felix Feng \[email protected]>
- 广东广和律师事务所 执业律师
- 关键词教育 国际部 CEO
Usage Guidance
Key points before installing or running this skill:
- Secrets and config: The code expects a config.py containing MEILISEARCH_HOST, MEILISEARCH_MASTER_KEY and (optionally) X402_WALLET_PRIVATE_KEY/X402_WALLET_ADDRESS. The package metadata does not declare these env vars — treat this as a manual configuration step. Do NOT paste any private key you care about into config.py without reviewing the code.
- Exposed secret file: The repo includes moltbook-credentials.json with an API key and other identifying fields. That file appears unrelated to the core service and may be a leaked credential. Remove or rotate any keys found in the repo before using, and do not publish that file.
- Payment recipient: SKILL.md and main.py are written to accept payments to whatever private key/address is configured. If you run this service, ensure the configured wallet is yours; if you use the included example or developer-supplied values, payments may go to the developer. Verify config.py.example and never use third-party private keys.
- Network actions: update_database.sh and utility scripts clone GitHub repos and the code can call ModelScope snapshot_download — these operations fetch external content. Run the import/update steps in an isolated environment and audit the imported data before indexing.
- Audit and harden before production: Remove sensitive artifacts (moltbook-credentials.json), declare required env vars in your deployment, avoid storing private keys in plaintext (use environment variables or a secrets manager), and validate config.py.example contents. Consider running the service in a sandbox/VM and monitoring outbound network traffic the first time you run it.
- If you need a short checklist: inspect config.py.example, delete/rotate any credentials in the repo, run imports in isolation, set Meilisearch master key to a strong value, and only configure your own wallet private key if you understand the payment flow and trust the code.
Because of undeclared credential requirements and an included secret file, this skill is internally inconsistent and could lead to accidental key leakage or misdirected payments — proceed only after the fixes and audits above.
Capability Analysis
Type: OpenClaw Skill
Name: legal-cn-api
Version: 1.0.0
The skill bundle implements a Chinese law search API with a micro-payment layer (x402 protocol), but exhibits high-risk credential handling. It explicitly instructs the user or agent to store a wallet private key in a plaintext configuration file (config.py) and includes a hardcoded API key in 'moltbook-credentials.json'. While these elements support the stated purpose of hosting a paid API, the requirement for sensitive private keys and the presence of hardcoded secrets are significant security vulnerabilities that could be exploited for credential theft in an AI agent environment.
Capability Assessment
Purpose & Capability
The name/description (legal-cn-api search + x402 micropayments) aligns with the included code (FastAPI + Meilisearch + x402). However the skill declares no required environment variables or primary credential while the code expects a config.py with Meilisearch host/key, x402 wallet address and private key, price, and other settings. The project also ships moltbook-credentials.json (contains an API key / verification code) which is unrelated to the stated purpose and is a sensitive artifact. The mismatch between declared requirements and actual code/config is a coherence problem.
Instruction Scope
SKILL.md instructs cloning repos, running update_database.sh (which clones/imports external law datasets), installing requirements, launching Meilisearch, and editing config.py to insert a wallet private key. Asking the user to paste a private key into config.py is outside 'simple' search setup risk profile and should be explicit in the metadata. The SKILL.md also claims payments go 'to developer wallet' and shows developer contact — that could mislead users about who receives funds if defaults or example config point to the developer. The pre-scan also flagged unicode-control-chars in SKILL.md (prompt-injection pattern).
Install Mechanism
There is no automated arbitrary binary download; installation is standard: pip install -r requirements.txt and docker-compose up for Meilisearch. The code clones/uses third-party GitHub repos and optionally ModelScope via its Python API (snapshot_download) — those are known sources, but they pull external data at runtime. No use of opaque personal servers or URL shorteners for installs was observed.
Credentials
The runtime needs secrets (Meilisearch master key, optional x402 wallet private key/address) but the skill package declares no required env vars. In addition, a file moltbook-credentials.json containing an API key and verification/claim URLs is included in the repo — an exposed secret unrelated to Meilisearch or x402. This combination (undeclared secrets + shipped secret file) is disproportionate and risky.
Persistence & Privilege
The skill is not marked always:true and does not request elevated platform privileges. It does not modify other skills or system-wide settings. Autonomous invocation (disable-model-invocation:false) is the platform default and is not by itself flagged here.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install legal-cn-api - After installation, invoke the skill by name or use
/legal-cn-api - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release
Metadata
Frequently Asked Questions
What is legal-cn-api?
提供结构化中国法律条文检索API,按次付费,数据自动更新,支持实时查询最新法律法规内容。 It is an AI Agent Skill for Claude Code / OpenClaw, with 98 downloads so far.
How do I install legal-cn-api?
Run "/install legal-cn-api" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is legal-cn-api free?
Yes, legal-cn-api is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does legal-cn-api support?
legal-cn-api is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created legal-cn-api?
It is built and maintained by Felix Feng (@fengfelix); the current version is v1.0.0.
More Skills