review-contract

/review-contract -- Contract Review Against Playbook

If you see unfamiliar placeholders or need to check which tools are connected, see

CONNECTORS.md

.

Review a contract against your organization's negotiation playbook. Analyze each clause, flag deviations, generate redline suggestions, and provide business impact analysis.

Important

You assist with legal workflows but do not provide legal advice. All analysis should be reviewed by qualified legal professionals before being relied upon.

Invocation

/review-contract

Review the contract: @$1

Workflow

Step 1: Accept the Contract

Accept the contract in any of these formats:

File upload

PDF, DOCX, or other document format

URL

Link to a contract in your CLM, cloud storage (e.g., Box, Egnyte, SharePoint), or other document system

Pasted text

Contract text pasted directly into the conversation

If no contract is provided, prompt the user to supply one.

Step 2: Gather Context

Ask the user for context before beginning the review:

Which side are you on?

(vendor/supplier, customer/buyer, licensor, licensee, partner -- or other)

Deadline

When does this need to be finalized? (Affects prioritization of issues)

Focus areas

Any specific concerns? (e.g., "data protection is critical", "we need flexibility on term", "IP ownership is the key issue")

Deal context

Any relevant business context? (e.g., deal size, strategic importance, existing relationship)

If the user provides partial context, proceed with what you have and note assumptions.

Step 3: Load the Playbook

Look for the organization's contract review playbook in local settings (e.g.,

legal.local.md

or similar configuration files).

The playbook should define:

Standard positions

The organization's preferred terms for each major clause type

Acceptable ranges

Terms that can be agreed to without escalation

Escalation triggers

Terms that require senior counsel review or outside counsel involvement

If no playbook is configured:

Inform the user that no playbook was found

Offer two options:

Help the user set up their playbook (walk through defining positions for key clauses)

Proceed with a generic review using widely-accepted commercial standards as the baseline

If proceeding generically, clearly note that the review is based on general commercial standards, not the organization's specific positions

Step 4: Clause-by-Clause Analysis

Apply the following review process:

Identify the contract type

SaaS agreement, professional services, license, partnership, procurement, etc. The contract type affects which clauses are most material.

Determine the user's side

Vendor, customer, licensor, licensee, partner. This fundamentally changes the analysis (e.g., limitation of liability protections favor different parties).

Read the entire contract

before flagging issues. Clauses interact with each other (e.g., an uncapped indemnity may be partially mitigated by a broad limitation of liability).

Analyze each material clause

against the playbook position.

Consider the contract holistically

Are the overall risk allocation and commercial terms balanced?

Analyze the contract systematically, covering at minimum:

Clause Category

Key Review Points

Limitation of Liability

Cap amount, carveouts, mutual vs. unilateral, consequential damages

Indemnification

Scope, mutual vs. unilateral, cap, IP infringement, data breach

IP Ownership

Pre-existing IP, developed IP, work-for-hire, license grants, assignment

Data Protection

DPA requirement, processing terms, sub-processors, breach notification, cross-border transfers

Confidentiality

Scope, term, carveouts, return/destruction obligations

Representations & Warranties

Scope, disclaimers, survival period

Term & Termination

Duration, renewal, termination for convenience, termination for cause, wind-down

Governing Law & Dispute Resolution

Jurisdiction, venue, arbitration vs. litigation

Insurance

Coverage requirements, minimums, evidence of coverage

Assignment

Consent requirements, change of control, exceptions

Force Majeure

Scope, notification, termination rights

Payment Terms

Net terms, late fees, taxes, price escalation

For each clause, assess against the playbook (or generic standards) and note whether it is present, absent, or unusual.

Detailed Clause Guidance

Limitation of Liability

Key elements to review:

Cap amount (fixed dollar amount, multiple of fees, or uncapped)

Whether the cap is mutual or applies differently to each party

Carveouts from the cap (what liabilities are uncapped)

Whether consequential, indirect, special, or punitive damages are excluded

Whether the exclusion is mutual

Carveouts from the consequential damages exclusion

Whether the cap applies per-claim, per-year, or aggregate

Common issues:

Cap set at a fraction of fees paid (e.g., "fees paid in the prior 3 months" on a low-value contract)

Asymmetric carveouts favoring the drafter

Broad carveouts that effectively eliminate the cap (e.g., "any breach of Section X" where Section X covers most obligations)

No consequential damages exclusion for one party's breaches

Indemnification

Key elements to review:

Whether indemnification is mutual or unilateral

Scope: what triggers the indemnification obligation (IP infringement, data breach, bodily injury, breach of reps and warranties)

Whether indemnification is capped (often subject to the overall liability cap, or sometimes uncapped)

Procedure: notice requirements, right to control defense, right to settle

Whether the indemnitee must mitigate

Relationship between indemnification and the limitation of liability clause

Common issues:

Unilateral indemnification for IP infringement when both parties contribute IP

Indemnification for "any breach" (too broad; essentially converts the liability cap to uncapped liability)

No right to control defense of claims

Indemnification obligations that survive termination indefinitely

Intellectual Property

Key elements to review:

Ownership of pre-existing IP (each party should retain their own)

Ownership of IP developed during the engagement

Work-for-hire provisions and their scope

License grants: scope, exclusivity, territory, sublicensing rights

Open source considerations

Feedback clauses (grants on suggestions or improvements)

Common issues:

Broad IP assignment that could capture the customer's pre-existing IP

Work-for-hire provisions extending beyond the deliverables

Unrestricted feedback clauses granting perpetual, irrevocable licenses

License scope broader than needed for the business relationship

Data Protection

Key elements to review:

Whether a Data Processing Agreement/Addendum (DPA) is required

Data controller vs. data processor classification

Sub-processor rights and notification obligations

Data breach notification timeline (72 hours for GDPR)

Cross-border data transfer mechanisms (SCCs, adequacy decisions, binding corporate rules)

Data deletion or return obligations on termination

Data security requirements and audit rights

Purpose limitation for data processing

Common issues:

No DPA when personal data is being processed

Blanket authorization for sub-processors without notification

Breach notification timeline longer than regulatory requirements

No cross-border transfer protections when data moves internationally

Inadequate data deletion provisions

Term and Termination

Key elements to review:

Initial term and renewal terms

Auto-renewal provisions and notice periods

Termination for convenience: available? notice period? early termination fees?

Termination for cause: cure period? what constitutes cause?

Effects of termination: data return, transition assistance, survival clauses

Wind-down period and obligations

Common issues:

Long initial terms with no termination for convenience

Auto-renewal with short notice windows (e.g., 30-day notice for annual renewal)

No cure period for termination for cause

Inadequate transition assistance provisions

Survival clauses that effectively extend the agreement indefinitely

Governing Law and Dispute Resolution

Key elements to review:

Choice of law (governing jurisdiction)

Dispute resolution mechanism (litigation, arbitration, mediation first)

Venue and jurisdiction for litigation

Arbitration rules and seat (if arbitration)

Jury waiver

Class action waiver

Prevailing party attorney's fees

Common issues:

Unfavorable jurisdiction (unusual or remote venue)

Mandatory arbitration with rules favorable to the drafter

Waiver of jury trial without corresponding protections

No escalation process before formal dispute resolution

Step 5: Flag Deviations

Classify each deviation from the playbook using a three-tier system:

GREEN -- Acceptable

The clause aligns with or is better than the organization's standard position. Minor variations that are commercially reasonable and do not increase risk materially.

Examples:

Liability cap at 18 months of fees when standard is 12 months (better for the customer)

Mutual NDA term of 2 years when standard is 3 years (shorter but reasonable)

Governing law in a well-established commercial jurisdiction close to the preferred one

Action

Note for awareness. No negotiation needed.

YELLOW -- Negotiate

The clause falls outside the standard position but within a negotiable range. The term is common in the market but not the organization's preference. Requires attention and likely negotiation, but not escalation.

Examples:

Liability cap at 6 months of fees when standard is 12 months (below standard but negotiable)

Unilateral indemnification for IP infringement when standard is mutual (common market position but not preferred)

Auto-renewal with 60-day notice when standard is 90 days

Governing law in an acceptable but not preferred jurisdiction

Action

Generate specific redline language. Provide fallback position. Estimate business impact of accepting vs. negotiating.

Include

Specific redline language to bring the term back to standard position

Include

Fallback position if the counterparty pushes back

Include

Business impact of accepting as-is vs. negotiating

RED -- Escalate

The clause falls outside acceptable range, triggers a defined escalation criterion, or poses material risk. Requires senior counsel review, outside counsel involvement, or business decision-maker sign-off.

Examples:

Uncapped liability or no limitation of liability clause

Unilateral broad indemnification with no cap

IP assignment of pre-existing IP

No DPA offered when personal data is processed

Unreasonable non-compete or exclusivity provisions

Governing law in a problematic jurisdiction with mandatory arbitration

Action

Explain the specific risk. Provide market-standard alternative language. Estimate exposure. Recommend escalation path.

Include

Why this is a RED flag (specific risk)

Include

What the standard market position looks like

Include

Business impact and potential exposure

Include

Recommended escalation path

Step 6: Generate Redline Suggestions

For each YELLOW and RED deviation, provide:

Current language

Quote the relevant contract text

Suggested redline

Specific alternative language

Rationale

Brief explanation suitable for sharing with the counterparty

Priority

Whether this is a must-have or nice-to-have in negotiation

Redline Generation Best Practices

When generating redline suggestions:

Be specific

Provide exact language, not vague guidance. The redline should be ready to insert.

Be balanced

Propose language that is firm on critical points but commercially reasonable. Overly aggressive redlines slow negotiations.

Explain the rationale

Include a brief, professional rationale suitable for sharing with the counterparty's counsel.

Provide fallback positions

For YELLOW items, include a fallback position if the primary ask is rejected.

Prioritize

Not all redlines are equal. Indicate which are must-haves and which are nice-to-haves.

Consider the relationship

Adjust tone and approach based on whether this is a new vendor, strategic partner, or commodity supplier.

Redline Format

For each redline:

Clause: [Section reference and clause name]

Current language: "[exact quote from the contract]"

Proposed redline: "[specific alternative language with additions in bold and deletions struck through conceptually]"

Rationale: [1-2 sentences explaining why, suitable for external sharing]

Priority: [Must-have / Should-have / Nice-to-have]

Fallback: [Alternative position if primary redline is rejected]

Step 7: Business Impact Summary

Provide a summary section covering:

Overall risk assessment

High-level view of the contract's risk profile

Top 3 issues

The most important items to address

Negotiation strategy

Recommended approach (which issues to lead with, what to concede)

Timeline considerations

Any urgency factors affecting the negotiation approach

Negotiation Priority Framework

When presenting redlines, organize by negotiation priority:

Tier 1 -- Must-Haves (Deal Breakers)

Issues where the organization cannot proceed without resolution:

Uncapped or materially insufficient liability protections

Missing data protection requirements for regulated data

IP provisions that could jeopardize core assets

Terms that conflict with regulatory obligations

Tier 2 -- Should-Haves (Strong Preferences)

Issues that materially affect risk but have negotiation room:

Liability cap adjustments within range

Indemnification scope and mutuality

Termination flexibility

Audit and compliance rights

Tier 3 -- Nice-to-Haves (Concession Candidates)

Issues that improve the position but can be conceded strategically:

Preferred governing law (if alternative is acceptable)

Notice period preferences

Minor definitional improvements

Insurance certificate requirements

Negotiation strategy

Lead with Tier 1 items. Trade Tier 3 concessions to secure Tier 2 wins. Never concede on Tier 1 without escalation. Step 8: CLM Routing (If Connected) If a Contract Lifecycle Management system is connected via MCP: Recommend the appropriate approval workflow based on contract type and risk level Suggest the correct routing path (e.g., standard approval, senior counsel, outside counsel) Note any required approvals based on contract value or risk flags If no CLM is connected, skip this step. Output Format Structure the output as:

Contract Review Summary

Document: [contract name/identifier] Parties: [party names and roles] Your Side: [vendor/customer/etc.] Deadline: [if provided] Review Basis: [Playbook / Generic Standards]

Key Findings

[Top 3-5 issues with severity flags]

Clause-by-Clause Analysis

[Clause Category] -- [GREEN/YELLOW/RED]

Contract says: [summary of the provision] Playbook position: [your standard] Deviation: [description of gap] Business impact: [what this means practically] Redline suggestion: [specific language, if YELLOW or RED] [Repeat for each major clause]

Negotiation Strategy

[Recommended approach, priorities, concession candidates]

Next Steps

[Specific actions to take] Notes If the contract is in a language other than English, note this and ask if the user wants a translation or review in the original language For very long contracts (50+ pages), offer to focus on the most material sections first and then do a complete review Always remind the user that this analysis should be reviewed by qualified legal counsel before being relied upon for legal decisions