AgentKits

AI Contract Review Agent

Flagship Blueprint · AgentAz™ Enhanced

Includes Agent Blueprint + Implementation Guide

An agent that reviews a contract the way a careful commercial lawyer would on a first pass: clause by clause against your playbook, flagging risky terms and — just as importantly — missing ones, classifying severity, proposing fallback language, and producing a redline summary for counsel. It is built defensively: it grounds every finding in the actual contract text, never invents clauses, never signs or approves anything, escalates high-risk deviations to a human, and is explicit that it provides review assistance, not legal advice.

Tags: legal · contracts · clm · review · playbook · risk · autonomous-agent · redlining · agentaz · agent-governance · trust-level · production-readiness
Stack: Claude, LangGraph, OpenAI
Difficulty: Advanced
Setup: 45 min
Version: 2.0.0 · 2026-06-21

Overview

Clause-by-clause review against your playbook: flags risky terms, missing clauses, and deviations, each with a severity and a citation to the contract text.

Proposes concrete fallback language from your standards instead of vague 'this is risky' comments.

Catches omissions, not just bad clauses — a missing liability cap or DPA is often the real risk.

Defensive: grounded in the document, never invents terms, never approves or signs, and escalates high-risk deviations to counsel. Review assistance, not legal advice.

AgentAz™ specification

A lightweight, design-time governance spec for security review. It documents what this agent is authorized to do — and why — and pairs with whatever policy engine you already run. It does not enforce anything at runtime.

Trust Level: A2 — Recommend
DNA Pattern: Evaluation (Research → Evaluate)
Worst-Case Action: Surfaces an incorrect risk assessment or misses a risky clause, flagged for a lawyer to review. It cannot sign, send, approve, or alter a contract; execution tools are absent from its registry.
Authority Boundary: Reads a contract, flags risky or non-standard clauses, and suggests redlines for human review. It never signs, sends, approves, or commits to a contract. A lawyer makes every decision.
Verification Test: Attempt to call a sign, send, or contract-write tool → confirm it is absent from the agent's registry.
Production Readiness: 6/6 dimensions passing. Tool isolation: signing/sending tools absent. Human gates: a lawyer decides. Confidence escalation: low-confidence clauses flagged. Cost ceiling: bounded per review. Audit trail: flags and rationale logged. Escalation path: ambiguous clauses routed to counsel.
Last Reviewed: 2026-06-24

Machine-readable contract (agentaz.json), validated against the open AgentAz™ JSON Schema — bundled for offline use and published at a permanent URL:

agentaz.json
{
  "$schema": "./agentaz.schema.json",
  "version": "2.0.0",
  "last_reviewed": "2026-06-24",
  "agent_id": "contract-clause-review-agent",
  "trust_level": "A2",
  "dna_pattern": "Evaluation",
  "worst_case_action": "Surfaces an incorrect clause risk assessment for human review. Cannot sign or alter contracts.",
  "authority_boundary": "Reads and evaluates contract clauses; flags risks for review. No signing/sending tools present.",
  "tags": [
    "legal",
    "contract-review",
    "read-only",
    "human-review"
  ],
  "tool_boundary": {
    "allowed_tools": [
      "read_contract",
      "identify_clauses",
      "assess_risk",
      "suggest_redline"
    ],
    "execution_tools_absent": true
  },
  "output_boundary": {
    "format": "structured_json",
    "never_emits": [
      "contract_sign",
      "contract_send",
      "approval"
    ]
  },
  "cost_boundary": {
    "max_usd_per_trace_loop": 0.3,
    "alert_threshold_usd": 0.2
  },
  "loop_boundary": {
    "max_reasoning_turns": 10
  },
  "human_handoff": {
    "triggers": [
      "high_risk_clause",
      "non_standard_term",
      "low_confidence"
    ],
    "destination": "legal_review_queue"
  },
  "audit": {
    "append_only": true,
    "logs": [
      "flags",
      "risk_scores",
      "rationale"
    ]
  }
}

New to this? Read the AgentAz specification guide — Trust Levels, DNA patterns, and how it complements your runtime.

This is a flagship reference blueprint for AgentAz v1.0.0. AgentAz™ is open source under Apache-2.0 (spec text under CC‑BY‑4.0) — schema and source on GitHub.

Governance matrix

A scannable summary of this blueprint's governance coverage, derived from its AgentAz™ specification. It documents the boundaries that already ship — not new functionality.

Agent goal: Bounded by the authority spec above
Trust Level: A2 — Recommend
Tool access: Least privilege — execution tools absent (read-only)
Context handling: Grounded in provided inputs; cites or flags rather than guessing
Memory strategy: Task-scoped; no persistent cross-session memory
Human approval: Required on high-risk clause, non-standard term, low confidence → legal review queue
Audit trail: Append-only log (flags, risk scores, rationale)
Cost & loop bounds: ≤ $0.3 per loop · ≤ 10 reasoning turns
Recovery / escalation: Escalates to legal review queue

Agent component mapping

A framework-neutral view of how this blueprint maps to standard agent-architecture components (the vocabulary common to ADK-style frameworks). It describes structure for clarity — not an official integration or certified compatibility.

Agent: Primary reasoner — Recommend authority (A2)
Tools: read contract, identify clauses, assess risk, suggest redline — execution tools absent (read-only)
Memory: Task-scoped working context; no persistent cross-session memory
Guardrails: Worst-case classified (A2); no execution tools; ≤ $0.3/loop · ≤ 10 turns
Evaluator: Confidence and authority-boundary checks; low-confidence or out-of-bounds results are flagged, not actioned
Handoff: Escalates to legal review queue on high-risk clause, non-standard term, low confidence

Failure modes

Specific ways this blueprint can fail, and how it is designed to detect, contain, and recover from each — the boundaries that make it safe to run, stated plainly.

Misreads a clause or misses a deviation from the standard position.

Detection
Clauses are compared against documented standard positions; deviations and confidence are flagged.
Mitigation
A first pass only — a lawyer reviews every flagged item.
Recovery
Human review catches it and the standard library is updated.

Hallucinates a clause that isn't in the contract.

Detection
Every finding cites its clause location; uncited findings are withheld.
Mitigation
Uncited terms are never asserted.
Recovery
The lawyer verifies against the source document.

Reviews the wrong contract version.

Detection
A document hash or version is checked before review.
Mitigation
The review aborts on a version mismatch.
Recovery
The correct version is loaded and re-reviewed.
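The version check described in this failure mode, written out as an added example (not code from the blueprint). The pin is taken from the raw bytes at intake and travels with the review request; the agent recomputes it on the bytes it actually loaded and refuses to proceed on any difference, then stamps the hash into its output so counsel and the audit log know which version every citation refers to. The function names, the envelope shape and the sample NDA bytes are constructed for this example.

```python
import hashlib


class VersionMismatch(Exception):
    """The bytes about to be reviewed are not the version the review was requested for."""


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def pin_document(data: bytes) -> dict:
    """Taken at intake (e.g. by the CLM webhook), before the agent ever sees the file."""
    return {"sha256": sha256_hex(data), "size": len(data)}


def load_for_review(data: bytes, pin: dict) -> bytes:
    """Fail closed: the agent refuses to review bytes that do not match the intake pin.

    The pin must come from the caller, not be recomputed from the fetched file,
    otherwise the check compares the document with itself.
    """
    actual = pin_document(data)
    if actual != pin:
        raise VersionMismatch(
            f"expected sha256 {pin['sha256'][:12]}... ({pin['size']} bytes), "
            f"got {actual['sha256'][:12]}... ({actual['size']} bytes)"
        )
    return data


def review_envelope(data: bytes, pin: dict, findings: list) -> dict:
    """Stamp the review output with the hash it was produced against, so the audit log
    and the lawyer can tell which version the citations refer to."""
    load_for_review(data, pin)
    return {"document_sha256": pin["sha256"], "document_size": pin["size"], "findings": findings}


# Constructed sample: the NDA clause from the examples section, and a later redraft of it.
NDA_V1 = b"NDA s.7: For 3 years after disclosure, Recipient shall not engage in any competing business."
NDA_V2 = NDA_V1.replace(b"3 years", b"1 year")

if __name__ == "__main__":
    pin = pin_document(NDA_V1)          # recorded at intake
    review_envelope(NDA_V1, pin, [])    # same bytes: review proceeds
    try:
        load_for_review(NDA_V2, pin)    # a redraft arrived in between: review aborts
    except VersionMismatch as err:
        print("review aborted:", err)
```

Hash the raw file rather than extracted text: text extraction is not stable across library versions, so a text-level hash would flag mismatches that are not version changes and could miss ones that are.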

Evaluation

Deviation recall is primary — catching clauses that diverge from your standard positions — because a missed deviation is the expensive one.

Deviation recall: Of clauses that deviate from the standard position, the share it flags.
Precision: Of flags raised, the share that are real deviations (noise resistance).
Citation accuracy: Whether each finding points to the actual clause, with no hallucinated clauses.
Coverage: Share of the contract's clauses actually reviewed.
Latency: Time to review per contract.

Recommended approach. Build a set of contracts annotated by lawyers against your standard positions; measure deviation recall and precision, and verify every finding cites a real clause. Include a few absent-clause traps to catch hallucination.

When to use

Use it when

  • Your legal/ops team reviews a high volume of similar third-party contracts (NDAs, MSAs, DPAs, vendor agreements) and wants a fast, consistent first pass.
  • You have a playbook or set of standard positions and fallbacks the agent can review against.
  • You want flagged risks with proposed redlines and a counsel-ready summary, not a black-box 'risk score.'
  • You want to triage which contracts are clean enough to fast-track and which need a lawyer's attention.

Avoid it when

  • You expect it to give legal advice, make the final call, or sign — those are human (and counsel) responsibilities.
  • The agreement is bespoke, high-stakes, or litigation-related and needs a lawyer from the start.
  • You have no playbook or standards for it to review against, so 'deviation' has no meaning.
  • You can't keep counsel in the loop on high-risk findings.

System prompt

system-prompt.md
You are a Contract Review Agent assisting a legal team. You review ONE contract against the company's playbook and surface what a careful lawyer would want to see first. You are review assistance, NOT a lawyer, and you do not give legal advice or make final decisions. You are judged on catching real risks and omissions, precision, and never overstepping into advice or approval.

== CORE PRINCIPLES ==
1. Grounded in the document. Quote or cite the exact clause (section/heading) for every finding. Never invent a clause, obligation, or number that is not in the contract. If something is ambiguous, say so.
2. Risks AND gaps. Review what is present (bad terms) and what is missing (absent protections the playbook requires). A missing liability cap or data-processing clause is often the biggest risk.
3. Playbook-relative. Judge terms against the company's standard positions and fallbacks, not your own opinion. 'Deviation from playbook' is the unit of analysis.

== HARD RULES (NON-NEGOTIABLE) ==
- NOT LEGAL ADVICE: You provide review assistance. State this. You do not advise, opine on enforceability, or make the call to accept/reject. You surface issues and proposed language for a human.
- DO NOT APPROVE OR SIGN: You never mark a contract approved, executed, or safe to sign. Your output is findings + recommendations for counsel.
- NO FABRICATION: Every flagged term must be quoted/cited from the contract. Do not assume standard terms are present; if you can't find a required clause, flag it as MISSING, not present.
- ESCALATE HIGH RISK: Any high-severity deviation (e.g. uncapped liability, broad indemnity, IP assignment, problematic governing law, missing data-protection terms) must be flagged for counsel review, not just noted.
- CONFIDENTIALITY: Treat the contract as confidential. Do not leak terms outside the review output.

== REVIEW METHOD (priority areas) ==
Liability & limitation; indemnification; termination & renewal (incl. auto-renewal traps); IP & ownership; confidentiality; data protection/privacy (DPA, security, breach notice); payment & pricing; warranties; governing law & dispute resolution; assignment & change of control; and any clause that deviates from the playbook. For each: quote it, compare to the standard position, rate severity, and propose fallback language.

== SEVERITY ==
- HIGH: materially shifts risk/liability, gives away IP, removes a required protection, or a missing clause the playbook mandates. Counsel review required.
- MEDIUM: a real deviation worth negotiating.
- LOW: minor/stylistic or acceptable-with-note.

== OUTPUT FORMAT (return ONE JSON object) ==
{
  "summary": "<2-4 sentences: contract type, overall risk posture, headline issues>",
  "disposition": "fast_track|negotiate|counsel_review",
  "not_legal_advice": true,
  "findings": [
    {
      "clause": "<section/heading or 'MISSING: <required clause>'>",
      "quote": "<short quote from the contract, or empty if missing>",
      "issue": "<how it deviates from the playbook and why it matters>",
      "severity": "HIGH|MEDIUM|LOW",
      "fallback": "<proposed standard/fallback language>"
    }
  ],
  "missing_clauses": ["<required clauses not found>"],
  "escalate_to_counsel": { "needed": <bool>, "reason": "<which high-severity items>" }
}
Set disposition to counsel_review whenever any HIGH finding or required missing clause exists. Keep quotes short; do not reproduce large passages.
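The NO FABRICATION and disposition rules above are prompt instructions; a model can still break them. The added example below (not part of the blueprint) is a validator that runs over the returned JSON before it reaches the legal queue: it rejects any output carrying a field from the spec's never_emits list, withholds every present-clause finding whose quote cannot be found in the contract text (quotes are matched fragment by fragment around "..." and in order), refuses quotes on MISSING findings, and forces disposition to counsel_review whenever a HIGH finding, a missing mandatory clause, or a withheld finding exists. The contract text and the model output are constructed samples, and the "withheld" and "withheld_because" fields are this example's addition to the output format.

```python
import re

# output_boundary.never_emits from the agentaz.json on this page.
FORBIDDEN_FIELDS = {"contract_sign", "contract_send", "approval"}
VALID_SEVERITY = {"HIGH", "MEDIUM", "LOW"}

# Constructed sample contract and model output; neither comes from the blueprint.
SAMPLE_CONTRACT = """MUTUAL NON-DISCLOSURE AGREEMENT
§6 Term. This Agreement lasts 2 years from the Effective Date.
§7 Non-compete. For 3 years after disclosure, Recipient shall not engage in any business that competes,
directly or indirectly, with Discloser anywhere in the world.
§8 Governing law. This Agreement is governed by the laws of the State of New York."""

SAMPLE_OUTPUT = {
    "summary": "Mutual NDA with an embedded non-compete.",
    "disposition": "negotiate",  # wrong for a HIGH finding; the validator corrects it
    "not_legal_advice": True,
    "findings": [
        {"clause": "§7 Non-compete", "severity": "HIGH", "fallback": "Delete §7.",
         "quote": "shall not engage in any business that competes... anywhere in the world",
         "issue": "A worldwide 3-year non-compete does not belong in an NDA."},
        {"clause": "§9 Liquidated damages", "severity": "MEDIUM", "fallback": "Delete.",
         "quote": "Recipient shall pay $50,000 per breach",  # not in the contract: hallucinated
         "issue": "Penalty clause."},
    ],
    "missing_clauses": [],
    "escalate_to_counsel": {"needed": False, "reason": ""},
}


def _norm(text: str) -> str:
    """Fold curly quotes and whitespace so a quote survives PDF extraction quirks."""
    for a, b in (("\u2018", "'"), ("\u2019", "'"), ("\u201c", '"'), ("\u201d", '"')):
        text = text.replace(a, b)
    return re.sub(r"\s+", " ", text).strip().lower()


def quote_is_grounded(quote: str, contract: str) -> bool:
    """True if every fragment of the quote (split on '...') occurs in the contract, in order."""
    haystack, pos = _norm(contract), 0
    for frag in re.split(r"\.{3}|\u2026", quote):
        frag = _norm(frag)
        if not frag:
            continue
        hit = haystack.find(frag, pos)
        if hit < 0:
            return False
        pos = hit + len(frag)
    return True


def validate_review(output: dict, contract: str) -> dict:
    """Enforce the output boundary on a model response before anyone acts on it."""
    forbidden = FORBIDDEN_FIELDS & set(output)
    if forbidden:  # the agent must never emit sign/send/approval: fail the whole review
        raise ValueError(f"output contains forbidden fields: {sorted(forbidden)}")

    kept, withheld = [], []
    for f in output.get("findings", []):
        if f.get("severity") not in VALID_SEVERITY:
            withheld.append({**f, "withheld_because": "invalid severity"})
        elif f.get("clause", "").upper().startswith("MISSING:"):
            if f.get("quote"):  # an absent clause cannot be quoted
                withheld.append({**f, "withheld_because": "MISSING finding carries a quote"})
            else:
                kept.append(f)
        elif f.get("quote") and quote_is_grounded(f["quote"], contract):
            kept.append(f)
        else:  # uncited or unverifiable: never asserted, but a human still sees it
            withheld.append({**f, "withheld_because": "quote not found in contract"})

    missing = list(output.get("missing_clauses", []))
    highs = [f["clause"] for f in kept if f["severity"] == "HIGH"]
    reasons = []
    if highs:
        reasons.append("HIGH findings: " + ", ".join(highs))
    if missing:
        reasons.append("missing mandatory clauses: " + ", ".join(missing))
    if withheld:
        reasons.append(f"{len(withheld)} finding(s) withheld as ungrounded or malformed")

    return {
        **output,
        "not_legal_advice": True,
        "findings": kept,
        "withheld": withheld,
        "missing_clauses": missing,
        "disposition": "counsel_review" if reasons else output.get("disposition", "negotiate"),
        "escalate_to_counsel": {"needed": bool(reasons), "reason": "; ".join(reasons)},
    }
```

A withheld finding is routed to counsel rather than silently dropped: a mis-quoted HIGH finding may still be a real risk, and a hallucinated one is itself a low-confidence signal the human_handoff triggers are meant to catch.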

Setup guide

Install and load your playbook

Install the agent and point it at your playbook of standard positions and fallbacks.

shell
pipx install contract-review-agent
contract-review-agent playbook import ./playbook/
# -> 'Loaded 6 contract types, 84 standard positions, 84 fallbacks'

Configure model and confidentiality

Set the model and keep documents in your environment. The agent is review-only by config.

shell
cp .env.example .env
# then edit .env (dotenv syntax: one KEY=value per line)
ANTHROPIC_API_KEY=sk-ant-...
REVIEW_ONLY=true                       # never marks approved/executed
ESCALATE_ON=HIGH,missing_mandatory     # comma-separated; a YAML list is not valid in a .env file
COUNSEL_QUEUE=legal-review

Define required clauses per type

Tell it which clauses are mandatory so omissions are caught, not assumed present.

yaml
# .contracts.yml
msa:
  required: ["limitation_of_liability", "indemnity", "termination", "confidentiality", "governing_law"]
dpa:
  required: ["processing_scope", "security_measures", "breach_notification", "subprocessors"]

Review a contract from the CLI

Run a review and inspect the findings, missing clauses, and disposition before wiring it into your CLM.

shell
contract-review-agent review ./vendor-msa.pdf --explain
# prints summary, findings (quote+severity+fallback), missing_clauses, disposition

Integrate with your CLM/intake

Route incoming third-party paper to the agent for a first pass; high-severity items go to counsel automatically.

shell
# intake webhook -> POST https://your-host/contracts/review
# disposition=counsel_review auto-assigns to the legal queue

Architecture

Tools required

get_contract: Retrieve and load the contract document (PDF/DOCX/text) for review.
parse_clauses: Split the contract into clauses/sections with headings and numbering for structured, citable analysis.
playbook_lookup: Return the company's standard position, required clauses, and fallback language for the relevant contract type.
risk_classify: Assign a severity (HIGH/MEDIUM/LOW) to a clause deviation based on the playbook and risk rubric.
precedent_search: Find how similar clauses were handled in past reviewed contracts for consistency.
redline_suggest: Generate proposed fallback/redline language for a flagged clause from the playbook standards.
summarize_for_counsel: Assemble the citation-backed findings, missing clauses, and disposition into a counsel-ready summary.
escalate_to_legal: Route the contract to a named attorney/queue for high-severity deviations or required missing clauses.
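The Verification Test in the AgentAz™ specification ("attempt to call a sign, send, or contract-write tool → confirm it is absent from the registry") is worth automating, and so is a comparison of the shipped registry against tool_boundary.allowed_tools, because the two lists on this page already disagree: agentaz.json declares read_contract, identify_clauses, assess_risk and suggest_redline, while the Tools required list above uses eight different names. The check below is an added example, not code from the blueprint; the spec excerpt is copied from the agentaz.json above, the registry is constructed from the Tools required list, and the side-effect class per tool and the EXECUTION_VERBS list are this example's assumptions.

```python
import json

# Excerpt of the agentaz.json shown on this page, embedded so the check runs offline.
AGENTAZ_SPEC = json.loads("""
{
  "agent_id": "contract-clause-review-agent",
  "trust_level": "A2",
  "tool_boundary": {
    "allowed_tools": ["read_contract", "identify_clauses", "assess_risk", "suggest_redline"],
    "execution_tools_absent": true
  },
  "output_boundary": {"never_emits": ["contract_sign", "contract_send", "approval"]}
}
""")

# Constructed runtime registry using the names from the "Tools required" list. The
# side-effect class per tool is this example's assumption, not part of the blueprint.
TOOL_REGISTRY = {
    "get_contract": "read",
    "parse_clauses": "read",
    "playbook_lookup": "read",
    "risk_classify": "read",
    "precedent_search": "read",
    "redline_suggest": "read",
    "summarize_for_counsel": "read",
    "escalate_to_legal": "route",   # hands off to a human queue; cannot alter the contract
}

# Name fragments that indicate a tool can act on a contract (assumed list; extend to taste).
EXECUTION_VERBS = ("sign", "send", "approve", "execute", "write", "update", "modify", "delete")


class ToolAbsent(LookupError):
    """Raised when the agent asks for a tool that is not in its registry."""


def execution_tools(registry: dict) -> list:
    """Tools whose class or name says they can sign, send, approve or alter a contract."""
    return sorted(
        name for name, kind in registry.items()
        if kind == "write" or any(verb in name.lower() for verb in EXECUTION_VERBS)
    )


def verify_registry(spec: dict, registry: dict) -> dict:
    """Compare the shipped registry with the spec's tool_boundary.

    An empty 'execution_tools' list is the hard requirement; the other two lists
    show where the spec and the registry have drifted apart and need reconciling.
    """
    allowed = set(spec["tool_boundary"]["allowed_tools"])
    present = set(registry)
    return {
        "execution_tools": execution_tools(registry),
        "undeclared": sorted(present - allowed),        # in the registry, not in the spec
        "missing_declared": sorted(allowed - present),  # in the spec, not shipped
    }


def resolve_tool(registry: dict, name: str) -> str:
    """Fail closed: an absent tool raises instead of being guessed at or stubbed."""
    if name not in registry:
        raise ToolAbsent(f"{name!r} is not in the registry")
    return registry[name]


def verification_test(spec: dict, registry: dict) -> dict:
    """The spec's Verification Test: every never_emits action must be an absent tool."""
    results = {}
    for action in spec["output_boundary"]["never_emits"]:
        try:
            resolve_tool(registry, action)
            results[action] = "PRESENT"
        except ToolAbsent:
            results[action] = "absent"
    return results


if __name__ == "__main__":
    print(json.dumps(verify_registry(AGENTAZ_SPEC, TOOL_REGISTRY), indent=2))
    print(verification_test(AGENTAZ_SPEC, TOOL_REGISTRY))
```

Run this in CI against the tools.json you actually ship: a green result means no execution tool is registered and the spec names match the registry, which is what the A2 trust level and the "execution tools absent" claim in the governance matrix rest on.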

Workflow

  1. Intake and identify

    Load the contract, parse it into clauses, and identify the contract type to select the right playbook.

  2. Ground in the playbook

    Load the company's standard positions, required clauses, and fallbacks for that contract type.

  3. Review clause by clause

    Compare each clause to the playbook, quoting the text, explaining any deviation, and rating severity. Don't opine on enforceability.

  4. Check for omissions

    Separately verify that every playbook-required clause is present; flag any that are missing as findings in their own right.

  5. Propose fallbacks

    For each material finding, generate concrete fallback/redline language from the playbook so counsel has a starting point.

  6. Set disposition & escalate

    Any high-severity deviation or missing mandatory clause sets disposition to counsel review and routes to a named attorney.

  7. Summarize & learn

    Produce the counsel-ready summary, then log accept/override outcomes to refine the playbook and prompt.
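Step 4 (check for omissions) and the .contracts.yml required lists in the setup guide describe a deterministic check that should not be left to the model. The added example below (not the blueprint's code) segments a contract into numbered sections so findings can cite one, looks for evidence of each required clause id in headings and bodies, and turns every id with no evidence into a "MISSING: ..." finding shaped like the system prompt's output format. The REQUIRED map is copied from .contracts.yml above; the EVIDENCE phrase map, the heading regex and the sample MSA are this example's assumptions and should be tuned against lawyer-annotated contracts.

```python
import re

# Required clauses per contract type, copied from the .contracts.yml in the setup guide.
REQUIRED = {
    "msa": ["limitation_of_liability", "indemnity", "termination", "confidentiality", "governing_law"],
    "dpa": ["processing_scope", "security_measures", "breach_notification", "subprocessors"],
}

# Phrases that evidence each clause id in a heading or body. Assumed for this example;
# in practice the playbook owns this map.
EVIDENCE = {
    "limitation_of_liability": ("limitation of liability", "aggregate liability", "shall not exceed"),
    "indemnity": ("indemnif",),
    "termination": ("terminat",),
    "confidentiality": ("confidential",),
    "governing_law": ("governing law", "governed by the laws"),
    "processing_scope": ("scope of processing", "nature and purpose of the processing", "documented instructions"),
    "security_measures": ("security measures", "technical and organisational", "technical and organizational"),
    "breach_notification": ("personal data breach", "without undue delay"),
    "subprocessors": ("sub-processor", "subprocessor"),
}

# A heading: a section number (1., 3.2, §7, ARTICLE 4) followed by a short title with no full stop.
HEADING_RE = re.compile(
    r"^\s*(?P<num>§\s*\d+(?:\.\d+)*|\d+(?:\.\d+)*\.?|ARTICLE\s+\d+)\s+(?P<title>[A-Z][A-Za-z ,&/'-]{1,60})\s*$"
)

# Constructed sample MSA: six sections, no liability cap and no indemnity anywhere.
SAMPLE_MSA = """MASTER SERVICES AGREEMENT

1. Services
Vendor shall provide the subscription services described in each Order Form.

2. Fees
Customer shall pay the fees stated in the Order Form within 30 days of invoice.

3. Term and Renewal
This Agreement renews automatically for successive 1-year terms. Either party may
terminate for material breach on 30 days' written notice.

4. Confidentiality
Each party shall protect the other's Confidential Information using reasonable care.

5. Intellectual Property
Vendor retains all rights in the services.

6. Governing Law
This Agreement is governed by the laws of England and Wales.
"""


def segment(contract: str) -> list:
    """Split the contract into numbered sections so every finding can cite one."""
    sections = [{"num": None, "heading": "", "lines": []}]  # preamble before the first heading
    for line in contract.splitlines():
        m = HEADING_RE.match(line)
        if m:
            sections.append({"num": m["num"].rstrip("."), "heading": m["title"].strip(), "lines": []})
        else:
            sections[-1]["lines"].append(line)
    for s in sections:
        s["body"] = "\n".join(s.pop("lines")).strip()
    return sections


def locate_required_clauses(contract: str, contract_type: str) -> dict:
    """Which required clauses are present (with the citing section) and which are missing.

    Absence is a positive finding: an id with no evidence anywhere in the document is
    reported as missing, never assumed present.
    """
    sections = segment(contract)
    present, missing = {}, []
    for clause_id in REQUIRED[contract_type]:
        phrases = EVIDENCE[clause_id]
        hit = next(
            (s for s in sections if any(p in (s["heading"] + " " + s["body"]).lower() for p in phrases)),
            None,
        )
        if hit is None:
            missing.append(clause_id)
        else:
            present[clause_id] = hit["num"] or "preamble"
    return {"present": present, "missing": sorted(missing)}


def missing_findings(contract: str, contract_type: str) -> list:
    """Missing clauses shaped like the findings in the system prompt's output format."""
    return [
        {"clause": f"MISSING: {cid}", "quote": "", "severity": "HIGH",
         "issue": f"The {contract_type.upper()} playbook requires a {cid.replace('_', ' ')} clause; none was found."}
        for cid in locate_required_clauses(contract, contract_type)["missing"]
    ]
```

Evidence is searched in bodies as well as headings because a liability cap often hides inside a "General" or "Warranties" section; the model still reviews the clauses it finds, but the omission list is computed here, independently of what the model chose to mention.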

Examples

Overbroad non-compete in an NDA → flag with fallback

A mutual NDA is mostly standard but slips in a broad non-compete. The agent flags it and proposes playbook fallback language.

Input

input
NDA §7: 'For 3 years after disclosure, Recipient shall not engage in any business that competes, directly or indirectly, with Discloser anywhere in the world.'

Output

output
{
  "summary": "Mutual NDA, largely standard, but §7 embeds a broad worldwide 3-year non-compete that exceeds an NDA's purpose and the playbook. One HIGH issue; the remaining clauses are standard and fast-trackable once §7 is resolved.",
  "disposition": "counsel_review",
  "not_legal_advice": true,
  "findings": [
    {
      "clause": "§7 Non-compete",
      "quote": "shall not engage in any business that competes... anywhere in the world",
      "issue": "An NDA should protect confidential information, not impose a non-compete. A worldwide, 3-year, 'directly or indirectly' restriction is far outside the playbook and likely unreasonable in scope.",
      "severity": "HIGH",
      "fallback": "Delete §7. If a restriction is required, limit to non-use/non-disclosure of Confidential Information (the playbook's standard NDA position), with no separate non-compete."
    }
  ],
  "missing_clauses": [],
  "escalate_to_counsel": { "needed": true, "reason": "HIGH-severity non-compete embedded in an NDA — counsel should confirm removal." }
}

Note: The agent doesn't just say 'this looks risky' — it quotes the exact clause, explains why a non-compete doesn't belong in an NDA, and proposes the playbook fallback (delete it). Because the finding is HIGH, the disposition is counsel_review and the escalation flag is set, as the system prompt requires; the rest of the NDA is fast-trackable once §7 is resolved.

MSA with a low vendor liability cap, one-way customer indemnity and an auto-renewal trap → HIGH and MEDIUM flags

A vendor MSA looks tidy but caps the vendor's liability while leaving the customer exposed and buries an auto-renewal. Both are material.

Input

input
MSA §11: 'Vendor's total liability shall not exceed fees paid in the prior 3 months. Customer shall indemnify Vendor for all claims arising from use.' §3: 'This Agreement renews automatically for successive 1-year terms unless canceled 90 days before renewal.'

Output

output
{
  "summary": "Vendor MSA with an asymmetric, very low liability cap plus a broad one-way customer indemnity (§11) and a 90-day auto-renewal trap (§3). One HIGH issue (§11) and one MEDIUM issue (§3); counsel review required.",
  "disposition": "counsel_review",
  "not_legal_advice": true,
  "findings": [
    {
      "clause": "§11 Liability & indemnity",
      "quote": "Vendor's total liability shall not exceed fees paid in the prior 3 months... Customer shall indemnify Vendor for all claims",
      "issue": "Caps Vendor's liability at ~3 months of fees while making Customer's indemnity unlimited and one-way — a significant, asymmetric risk shift versus the playbook (mutual indemnity, 12-month cap, carve-outs for breach/IP/confidentiality).",
      "severity": "HIGH",
      "fallback": "Make liability mutual with a cap of 12 months' fees; add standard carve-outs (confidentiality, IP infringement, gross negligence). Make indemnity mutual and scope it to third-party claims."
    },
    {
      "clause": "§3 Term & renewal",
      "quote": "renews automatically... unless canceled 90 days before renewal",
      "issue": "Auto-renewal with a 90-day notice window is a lock-in trap and exceeds the playbook's 30-day standard.",
      "severity": "MEDIUM",
      "fallback": "Reduce the non-renewal notice period to 30 days, or require affirmative renewal."
    }
  ],
  "missing_clauses": [],
  "escalate_to_counsel": { "needed": true, "reason": "Asymmetric uncapped customer indemnity and low vendor cap (§11)." }
}

Note: It catches two different problems in a 'clean-looking' MSA — an asymmetric liability/indemnity split and an auto-renewal trap — quotes each, explains the risk against the playbook, and proposes specific fallbacks. The HIGH finding forces counsel review.

Looks fine, but a required DPA clause is MISSING → flag the gap

A SaaS agreement that processes personal data reads cleanly, but it lacks a data-processing clause the playbook requires. The agent flags the omission a clause-reader would miss.

Input

input
SaaS agreement covering a product that ingests customer personal data. Clauses present: subscription, fees, support, IP, termination, governing law. No data-processing/DPA or breach-notification terms anywhere in the document.

Output

output
{
  "summary": "SaaS agreement for a product that processes personal data, but it contains NO data-processing/DPA or breach-notification terms — a required-clause omission under the playbook. Present clauses are otherwise standard.",
  "disposition": "counsel_review",
  "not_legal_advice": true,
  "findings": [
    {
      "clause": "MISSING: Data Processing Addendum / privacy terms",
      "quote": "",
      "issue": "The product ingests personal data, but the agreement has no DPA, no security obligations, no subprocessor terms, and no breach-notification clause. The playbook requires these whenever personal data is processed; their absence is a HIGH risk, not a neutral silence.",
      "severity": "HIGH",
      "fallback": "Attach the company standard DPA: processing scope/purpose limitation, security measures, subprocessor controls, breach notification within 72 hours, and audit rights."
    }
  ],
  "missing_clauses": ["data_processing_addendum", "breach_notification", "security_measures", "subprocessors"],
  "escalate_to_counsel": { "needed": true, "reason": "Required data-protection clauses are entirely absent for a product that processes personal data." }
}

Note: The most valuable example: nothing in the contract is 'wrong,' so a naive clause-reader approves it. The agent instead notices what's absent — a mandatory DPA and breach-notification terms for a product handling personal data — and flags the omission as HIGH with the standard clauses to add. Catching gaps is where contract review really pays off.

Implementation notes

  • Keep it review-only in config: it must never mark a contract approved, executed, or safe to sign, and every output should carry the 'not legal advice' framing.
  • Make missing-clause detection a first-class check driven by a per-contract-type required list — omissions are often the biggest risk and are exactly what clause-by-clause reading misses.
  • Require a quote/citation for every present-clause finding; if a required clause can't be found, flag MISSING rather than assuming it's there.
  • Route every HIGH finding or missing mandatory clause to counsel automatically; the agent triages, lawyers decide.
  • Ground fallbacks in your actual playbook so redlines are consistent with positions your team already approved.
  • Treat contracts as confidential, keep documents in your environment, and log human accept/override to refine the playbook.
  • Spend the strong model on the deviation analysis and fallback drafting — a cheaper model can parse and segment clauses.

Variations

Basic

First-pass risk flagger

Reviews a contract clause by clause against your playbook and returns flagged risks, missing clauses, and severities with citations for a human to action.

Advanced

Redlining reviewer

Adds playbook-grounded fallback language for each finding, missing-clause detection, and automatic counsel-review routing for high-severity deviations.

Enterprise

Governed CLM reviewer

Integrates with your CLM and intake, supports multiple contract types and jurisdictions, enforces confidentiality controls, and tunes the playbook from reviewer feedback at scale.

Download the Agent Blueprint

The complete blueprint, zipped — including a runnable run.py you can execute with one API key (Anthropic or OpenAI).

Download Blueprint (.zip)
README.md · system-prompt.md · setup-guide.md · tools.json · workflow.md · examples.md · .env.example · kit.json · run.py · LICENSE · NOTICE · starters/

Export

Generate a starter for your stack — all client-side, nothing leaves your browser.


Starters use mock tools — swap in your integrations to deploy.

View the source on GitHub

This flagship blueprint and the AgentAz™ specification live in the central AgentKits registry — open source under Apache-2.0 (code & schema) and CC‑BY‑4.0 (text).

Frequently asked questions