Review Contract

1---2name: review-contract3description: Review a contract against your organization's negotiation playbook — flag deviations, generate redlines, provide business impact analysis. Use when reviewing vendor or customer agreements, when you need clause-by-clause analysis against standard positions, or when preparing a negotiation strategy with prioritized redlines and fallback positions.4argument-hint: "<contract file or text>"5---6 7# /review-contract -- Contract Review Against Playbook8 9> If you see unfamiliar placeholders or need to check which tools are connected, see [CONNECTORS.md](../../CONNECTORS.md).10 11Review a contract against your organization's negotiation playbook. Analyze each clause, flag deviations, generate redline suggestions, and provide business impact analysis.12 13**Important**: You assist with legal workflows but do not provide legal advice. All analysis should be reviewed by qualified legal professionals before being relied upon.14 15## Invocation16 17```18/review-contract <contract file or URL>19```20 21Review the contract: @$122 23## Workflow24 25### Step 1: Accept the Contract26 27Accept the contract in any of these formats:28- **File upload**: PDF, DOCX, or other document format29- **URL**: Link to a contract in your CLM, cloud storage (e.g., Box, Egnyte, SharePoint), or other document system30- **Pasted text**: Contract text pasted directly into the conversation31 32If no contract is provided, prompt the user to supply one.33 34### Step 2: Gather Context35 36Ask the user for context before beginning the review:37 381. **Which side are you on?** (vendor/supplier, customer/buyer, licensor, licensee, partner -- or other)392. **Deadline**: When does this need to be finalized? (Affects prioritization of issues)403. **Focus areas**: Any specific concerns? (e.g., "data protection is critical", "we need flexibility on term", "IP ownership is the key issue")414. **Deal context**: Any relevant business context? (e.g., deal size, strategic importance, existing relationship)42 43If the user provides partial context, proceed with what you have and note assumptions.44 45### Step 3: Load the Playbook46 47Look for the organization's contract review playbook in local settings (e.g., `legal.local.md` or similar configuration files).48 49The playbook should define:50- **Standard positions**: The organization's preferred terms for each major clause type51- **Acceptable ranges**: Terms that can be agreed to without escalation52- **Escalation triggers**: Terms that require senior counsel review or outside counsel involvement53 54**If no playbook is configured:**55- Inform the user that no playbook was found56- Offer two options:57  1. Help the user set up their playbook (walk through defining positions for key clauses)58  2. Proceed with a generic review using widely-accepted commercial standards as the baseline59- If proceeding generically, clearly note that the review is based on general commercial standards, not the organization's specific positions60 61### Step 4: Clause-by-Clause Analysis62 63Apply the following review process:64 651. **Identify the contract type**: SaaS agreement, professional services, license, partnership, procurement, etc. The contract type affects which clauses are most material.662. **Determine the user's side**: Vendor, customer, licensor, licensee, partner. This fundamentally changes the analysis (e.g., limitation of liability protections favor different parties).673. **Read the entire contract** before flagging issues. Clauses interact with each other (e.g., an uncapped indemnity may be partially mitigated by a broad limitation of liability).684. **Analyze each material clause** against the playbook position.695. **Consider the contract holistically**: Are the overall risk allocation and commercial terms balanced?70 71Analyze the contract systematically, covering at minimum:72 73| Clause Category | Key Review Points |74|----------------|-------------------|75| **Limitation of Liability** | Cap amount, carveouts, mutual vs. unilateral, consequential damages |76| **Indemnification** | Scope, mutual vs. unilateral, cap, IP infringement, data breach |77| **IP Ownership** | Pre-existing IP, developed IP, work-for-hire, license grants, assignment |78| **Data Protection** | DPA requirement, processing terms, sub-processors, breach notification, cross-border transfers |79| **Confidentiality** | Scope, term, carveouts, return/destruction obligations |80| **Representations & Warranties** | Scope, disclaimers, survival period |81| **Term & Termination** | Duration, renewal, termination for convenience, termination for cause, wind-down |82| **Governing Law & Dispute Resolution** | Jurisdiction, venue, arbitration vs. litigation |83| **Insurance** | Coverage requirements, minimums, evidence of coverage |84| **Assignment** | Consent requirements, change of control, exceptions |85| **Force Majeure** | Scope, notification, termination rights |86| **Payment Terms** | Net terms, late fees, taxes, price escalation |87 88For each clause, assess against the playbook (or generic standards) and note whether it is present, absent, or unusual.89 90#### Detailed Clause Guidance91 92##### Limitation of Liability93 94**Key elements to review:**95- Cap amount (fixed dollar amount, multiple of fees, or uncapped)96- Whether the cap is mutual or applies differently to each party97- Carveouts from the cap (what liabilities are uncapped)98- Whether consequential, indirect, special, or punitive damages are excluded99- Whether the exclusion is mutual100- Carveouts from the consequential damages exclusion101- Whether the cap applies per-claim, per-year, or aggregate102 103**Common issues:**104- Cap set at a fraction of fees paid (e.g., "fees paid in the prior 3 months" on a low-value contract)105- Asymmetric carveouts favoring the drafter106- Broad carveouts that effectively eliminate the cap (e.g., "any breach of Section X" where Section X covers most obligations)107- No consequential damages exclusion for one party's breaches108 109##### Indemnification110 111**Key elements to review:**112- Whether indemnification is mutual or unilateral113- Scope: what triggers the indemnification obligation (IP infringement, data breach, bodily injury, breach of reps and warranties)114- Whether indemnification is capped (often subject to the overall liability cap, or sometimes uncapped)115- Procedure: notice requirements, right to control defense, right to settle116- Whether the indemnitee must mitigate117- Relationship between indemnification and the limitation of liability clause118 119**Common issues:**120- Unilateral indemnification for IP infringement when both parties contribute IP121- Indemnification for "any breach" (too broad; essentially converts the liability cap to uncapped liability)122- No right to control defense of claims123- Indemnification obligations that survive termination indefinitely124 125##### Intellectual Property126 127**Key elements to review:**128- Ownership of pre-existing IP (each party should retain their own)129- Ownership of IP developed during the engagement130- Work-for-hire provisions and their scope131- License grants: scope, exclusivity, territory, sublicensing rights132- Open source considerations133- Feedback clauses (grants on suggestions or improvements)134 135**Common issues:**136- Broad IP assignment that could capture the customer's pre-existing IP137- Work-for-hire provisions extending beyond the deliverables138- Unrestricted feedback clauses granting perpetual, irrevocable licenses139- License scope broader than needed for the business relationship140 141##### Data Protection142 143**Key elements to review:**144- Whether a Data Processing Agreement/Addendum (DPA) is required145- Data controller vs. data processor classification146- Sub-processor rights and notification obligations147- Data breach notification timeline (72 hours for GDPR)148- Cross-border data transfer mechanisms (SCCs, adequacy decisions, binding corporate rules)149- Data deletion or return obligations on termination150- Data security requirements and audit rights151- Purpose limitation for data processing152 153**Common issues:**154- No DPA when personal data is being processed155- Blanket authorization for sub-processors without notification156- Breach notification timeline longer than regulatory requirements157- No cross-border transfer protections when data moves internationally158- Inadequate data deletion provisions159 160##### Term and Termination161 162**Key elements to review:**163- Initial term and renewal terms164- Auto-renewal provisions and notice periods165- Termination for convenience: available? notice period? early termination fees?166- Termination for cause: cure period? what constitutes cause?167- Effects of termination: data return, transition assistance, survival clauses168- Wind-down period and obligations169 170**Common issues:**171- Long initial terms with no termination for convenience172- Auto-renewal with short notice windows (e.g., 30-day notice for annual renewal)173- No cure period for termination for cause174- Inadequate transition assistance provisions175- Survival clauses that effectively extend the agreement indefinitely176 177##### Governing Law and Dispute Resolution178 179**Key elements to review:**180- Choice of law (governing jurisdiction)181- Dispute resolution mechanism (litigation, arbitration, mediation first)182- Venue and jurisdiction for litigation183- Arbitration rules and seat (if arbitration)184- Jury waiver185- Class action waiver186- Prevailing party attorney's fees187 188**Common issues:**189- Unfavorable jurisdiction (unusual or remote venue)190- Mandatory arbitration with rules favorable to the drafter191- Waiver of jury trial without corresponding protections192- No escalation process before formal dispute resolution193 194### Step 5: Flag Deviations195 196Classify each deviation from the playbook using a three-tier system:197 198#### GREEN -- Acceptable199 200The clause aligns with or is better than the organization's standard position. Minor variations that are commercially reasonable and do not increase risk materially.201 202**Examples:**203- Liability cap at 18 months of fees when standard is 12 months (better for the customer)204- Mutual NDA term of 2 years when standard is 3 years (shorter but reasonable)205- Governing law in a well-established commercial jurisdiction close to the preferred one206 207**Action**: Note for awareness. No negotiation needed.208 209#### YELLOW -- Negotiate210 211The clause falls outside the standard position but within a negotiable range. The term is common in the market but not the organization's preference. Requires attention and likely negotiation, but not escalation.212 213**Examples:**214- Liability cap at 6 months of fees when standard is 12 months (below standard but negotiable)215- Unilateral indemnification for IP infringement when standard is mutual (common market position but not preferred)216- Auto-renewal with 60-day notice when standard is 90 days217- Governing law in an acceptable but not preferred jurisdiction218 219**Action**: Generate specific redline language. Provide fallback position. Estimate business impact of accepting vs. negotiating.220- **Include**: Specific redline language to bring the term back to standard position221- **Include**: Fallback position if the counterparty pushes back222- **Include**: Business impact of accepting as-is vs. negotiating223 224#### RED -- Escalate225 226The clause falls outside acceptable range, triggers a defined escalation criterion, or poses material risk. Requires senior counsel review, outside counsel involvement, or business decision-maker sign-off.227 228**Examples:**229- Uncapped liability or no limitation of liability clause230- Unilateral broad indemnification with no cap231- IP assignment of pre-existing IP232- No DPA offered when personal data is processed233- Unreasonable non-compete or exclusivity provisions234- Governing law in a problematic jurisdiction with mandatory arbitration235 236**Action**: Explain the specific risk. Provide market-standard alternative language. Estimate exposure. Recommend escalation path.237- **Include**: Why this is a RED flag (specific risk)238- **Include**: What the standard market position looks like239- **Include**: Business impact and potential exposure240- **Include**: Recommended escalation path241 242### Step 6: Generate Redline Suggestions243 244For each YELLOW and RED deviation, provide:245- **Current language**: Quote the relevant contract text246- **Suggested redline**: Specific alternative language247- **Rationale**: Brief explanation suitable for sharing with the counterparty248- **Priority**: Whether this is a must-have or nice-to-have in negotiation249 250#### Redline Generation Best Practices251 252When generating redline suggestions:253 2541. **Be specific**: Provide exact language, not vague guidance. The redline should be ready to insert.2552. **Be balanced**: Propose language that is firm on critical points but commercially reasonable. Overly aggressive redlines slow negotiations.2563. **Explain the rationale**: Include a brief, professional rationale suitable for sharing with the counterparty's counsel.2574. **Provide fallback positions**: For YELLOW items, include a fallback position if the primary ask is rejected.2585. **Prioritize**: Not all redlines are equal. Indicate which are must-haves and which are nice-to-haves.2596. **Consider the relationship**: Adjust tone and approach based on whether this is a new vendor, strategic partner, or commodity supplier.260 261#### Redline Format262 263For each redline:264```265**Clause**: [Section reference and clause name]266**Current language**: "[exact quote from the contract]"267**Proposed redline**: "[specific alternative language with additions in bold and deletions struck through conceptually]"268**Rationale**: [1-2 sentences explaining why, suitable for external sharing]269**Priority**: [Must-have / Should-have / Nice-to-have]270**Fallback**: [Alternative position if primary redline is rejected]271```272 273### Step 7: Business Impact Summary274 275Provide a summary section covering:276- **Overall risk assessment**: High-level view of the contract's risk profile277- **Top 3 issues**: The most important items to address278- **Negotiation strategy**: Recommended approach (which issues to lead with, what to concede)279- **Timeline considerations**: Any urgency factors affecting the negotiation approach280 281#### Negotiation Priority Framework282 283When presenting redlines, organize by negotiation priority:284 285**Tier 1 -- Must-Haves (Deal Breakers)**286Issues where the organization cannot proceed without resolution:287- Uncapped or materially insufficient liability protections288- Missing data protection requirements for regulated data289- IP provisions that could jeopardize core assets290- Terms that conflict with regulatory obligations291 292**Tier 2 -- Should-Haves (Strong Preferences)**293Issues that materially affect risk but have negotiation room:294- Liability cap adjustments within range295- Indemnification scope and mutuality296- Termination flexibility297- Audit and compliance rights298 299**Tier 3 -- Nice-to-Haves (Concession Candidates)**300Issues that improve the position but can be conceded strategically:301- Preferred governing law (if alternative is acceptable)302- Notice period preferences303- Minor definitional improvements304- Insurance certificate requirements305 306**Negotiation strategy**: Lead with Tier 1 items. Trade Tier 3 concessions to secure Tier 2 wins. Never concede on Tier 1 without escalation.307 308### Step 8: CLM Routing (If Connected)309 310If a Contract Lifecycle Management system is connected via MCP:311- Recommend the appropriate approval workflow based on contract type and risk level312- Suggest the correct routing path (e.g., standard approval, senior counsel, outside counsel)313- Note any required approvals based on contract value or risk flags314 315If no CLM is connected, skip this step.316 317## Output Format318 319Structure the output as:320 321```322## Contract Review Summary323 324**Document**: [contract name/identifier]325**Parties**: [party names and roles]326**Your Side**: [vendor/customer/etc.]327**Deadline**: [if provided]328**Review Basis**: [Playbook / Generic Standards]329 330## Key Findings331 332[Top 3-5 issues with severity flags]333 334## Clause-by-Clause Analysis335 336### [Clause Category] -- [GREEN/YELLOW/RED]337**Contract says**: [summary of the provision]338**Playbook position**: [your standard]339**Deviation**: [description of gap]340**Business impact**: [what this means practically]341**Redline suggestion**: [specific language, if YELLOW or RED]342 343[Repeat for each major clause]344 345## Negotiation Strategy346 347[Recommended approach, priorities, concession candidates]348 349## Next Steps350 351[Specific actions to take]352```353 354## Notes355 356- If the contract is in a language other than English, note this and ask if the user wants a translation or review in the original language357- For very long contracts (50+ pages), offer to focus on the most material sections first and then do a complete review358- Always remind the user that this analysis should be reviewed by qualified legal counsel before being relied upon for legal decisions