@aporthq/aport-agent-guardrails 1.0.8
- package/LICENSE +217 -0
- package/README.md +481 -0
- package/bin/agent-guardrails +133 -0
- package/bin/aport-create-passport.sh +444 -0
- package/bin/aport-cursor-hook.sh +90 -0
- package/bin/aport-guardrail-api.sh +108 -0
- package/bin/aport-guardrail-bash.sh +394 -0
- package/bin/aport-guardrail-v2.sh +5 -0
- package/bin/aport-guardrail.sh +5 -0
- package/bin/aport-resolve-paths.sh +71 -0
- package/bin/aport-status.sh +276 -0
- package/bin/frameworks/crewai.sh +49 -0
- package/bin/frameworks/cursor.sh +95 -0
- package/bin/frameworks/langchain.sh +48 -0
- package/bin/frameworks/n8n.sh +36 -0
- package/bin/frameworks/openclaw.sh +19 -0
- package/bin/lib/allowlist.sh +18 -0
- package/bin/lib/common.sh +28 -0
- package/bin/lib/config.sh +46 -0
- package/bin/lib/constants.sh +232 -0
- package/bin/lib/detect.sh +65 -0
- package/bin/lib/error.sh +269 -0
- package/bin/lib/passport.sh +19 -0
- package/bin/lib/templates/.gitkeep +1 -0
- package/bin/lib/templates/config.yaml +6 -0
- package/bin/lib/validation.sh +206 -0
- package/bin/openclaw +660 -0
- package/docs/ADDING_A_FRAMEWORK.md +87 -0
- package/docs/AGENTS.md.example +40 -0
- package/docs/CODE_REVIEW.md +192 -0
- package/docs/DEPLOYMENT_READINESS.md +81 -0
- package/docs/FAQ_SECURITY_SCANNERS.md +373 -0
- package/docs/FRAMEWORK_ROADMAP.md +41 -0
- package/docs/HOSTED_PASSPORT_SETUP.md +362 -0
- package/docs/IMPLEMENTING_YOUR_OWN_EVALUATOR.md +433 -0
- package/docs/OPENCLAW_COMPATIBILITY.md +73 -0
- package/docs/OPENCLAW_LOCAL_INTEGRATION.md +596 -0
- package/docs/OPENCLAW_TOOLS_AND_POLICIES.md +54 -0
- package/docs/QUICKSTART.md +470 -0
- package/docs/QUICKSTART_OPENCLAW_PLUGIN.md +470 -0
- package/docs/README.md +28 -0
- package/docs/RELEASE.md +87 -0
- package/docs/REPO_LAYOUT.md +47 -0
- package/docs/SKILLS_ECOSYSTEM_ANALYSIS_FEB17.md +1260 -0
- package/docs/TOOL_POLICY_MAPPING.md +46 -0
- package/docs/UPGRADE.md +46 -0
- package/docs/VERIFICATION_METHODS.md +97 -0
- package/docs/assets/README.md +8 -0
- package/docs/assets/porter.svg +54 -0
- package/docs/development/ERROR_CODES.md +616 -0
- package/docs/frameworks/GITHUB_ISSUE_PROPOSALS.md +1105 -0
- package/docs/frameworks/crewai.md +114 -0
- package/docs/frameworks/cursor.md +159 -0
- package/docs/frameworks/langchain.md +72 -0
- package/docs/frameworks/n8n.md +40 -0
- package/docs/frameworks/openclaw.md +40 -0
- package/docs/launch/ADD_APORT_AWESOME_LISTS_INSTRUCTIONS.md +146 -0
- package/docs/launch/ANNOUNCEMENT_GUIDE.md +266 -0
- package/docs/launch/AWESOME_REPOS.md +53 -0
- package/docs/launch/CURSOR_VSCODE_HOOKS_RESEARCH.md +77 -0
- package/docs/launch/DEMO_TERMINAL_OUTPUT.txt +48 -0
- package/docs/launch/DRY_AND_PLAN_CHECKLIST.md +47 -0
- package/docs/launch/EVIDENCE_README.md +61 -0
- package/docs/launch/EVIDENCE_TERMINAL_CAPTURE.txt +10 -0
- package/docs/launch/FRAMEWORK_SUPPORT_PLAN.md +1640 -0
- package/docs/launch/LAUNCH_READINESS_CHECKLIST.md +237 -0
- package/docs/launch/LAUNCH_STRATEGY_SUMMARY.md +464 -0
- package/docs/launch/OPENCLAW_FEEDBACK_AND_FIXES.md +85 -0
- package/docs/launch/POST_1_VALENTINE_IMPROVED.md +233 -0
- package/docs/launch/POST_2_GUARDRAIL_IMPROVED.md +369 -0
- package/docs/launch/PRE_LAUNCH_FIXES.md +766 -0
- package/docs/launch/QUICK_LAUNCH_CHECKLIST.md +400 -0
- package/docs/launch/READINESS_SUMMARY.md +262 -0
- package/docs/launch/README.md +68 -0
- package/docs/launch/USER_STORIES.md +327 -0
- package/docs/launch/scripts/add-aport-awesome-pr.sh +69 -0
- package/docs/operations/MONITORING.md +588 -0
- package/docs/reviews/2026-02-18-staff-review.md +268 -0
- package/extensions/openclaw-aport/README.md +415 -0
- package/extensions/openclaw-aport/index.js +625 -0
- package/extensions/openclaw-aport/openclaw-aport.js +7 -0
- package/extensions/openclaw-aport/openclaw.plugin.json +46 -0
- package/extensions/openclaw-aport/package.json +36 -0
- package/extensions/openclaw-aport/test.js +307 -0
- package/external/aport-policies/README.md +363 -0
- package/external/aport-policies/agent.session.create.v1/README.md +345 -0
- package/external/aport-policies/agent.session.create.v1/policy.json +162 -0
- package/external/aport-policies/agent.tool.register.v1/README.md +361 -0
- package/external/aport-policies/agent.tool.register.v1/policy.json +172 -0
- package/external/aport-policies/code.release.publish.v1/README.md +51 -0
- package/external/aport-policies/code.release.publish.v1/policy.json +121 -0
- package/external/aport-policies/code.repository.merge.v1/README.md +287 -0
- package/external/aport-policies/code.repository.merge.v1/express.example.js +332 -0
- package/external/aport-policies/code.repository.merge.v1/fastapi.example.py +370 -0
- package/external/aport-policies/code.repository.merge.v1/policy.json +162 -0
- package/external/aport-policies/data.export.create.v1/README.md +226 -0
- package/external/aport-policies/data.export.create.v1/express.example.js +172 -0
- package/external/aport-policies/data.export.create.v1/fastapi.example.py +165 -0
- package/external/aport-policies/data.export.create.v1/policy.json +133 -0
- package/external/aport-policies/data.report.ingest.v1/README.md +134 -0
- package/external/aport-policies/data.report.ingest.v1/express.example.js +105 -0
- package/external/aport-policies/data.report.ingest.v1/minimal-example.js +68 -0
- package/external/aport-policies/data.report.ingest.v1/policy.json +174 -0
- package/external/aport-policies/finance.crypto.trade.v1/README.md +146 -0
- package/external/aport-policies/finance.crypto.trade.v1/express.example.js +109 -0
- package/external/aport-policies/finance.crypto.trade.v1/minimal-example.js +65 -0
- package/external/aport-policies/finance.crypto.trade.v1/policy.json +176 -0
- package/external/aport-policies/finance.payment.charge.v1/README.md +326 -0
- package/external/aport-policies/finance.payment.charge.v1/express.example.js +250 -0
- package/external/aport-policies/finance.payment.charge.v1/fastapi.example.py +227 -0
- package/external/aport-policies/finance.payment.charge.v1/minimal-example.js +64 -0
- package/external/aport-policies/finance.payment.charge.v1/policy.json +224 -0
- package/external/aport-policies/finance.payment.charge.v1/tests/contexts.jsonl +12 -0
- package/external/aport-policies/finance.payment.charge.v1/tests/expected.jsonl +12 -0
- package/external/aport-policies/finance.payment.charge.v1/tests/passport.instance.json +42 -0
- package/external/aport-policies/finance.payment.charge.v1/tests/passport.template.json +40 -0
- package/external/aport-policies/finance.payment.charge.v1/tests/payments-charge-policy.test.js +817 -0
- package/external/aport-policies/finance.payment.charge.v1/tests/test_payments_charge_policy.py +486 -0
- package/external/aport-policies/finance.payment.payout.v1/README.md +78 -0
- package/external/aport-policies/finance.payment.payout.v1/policy.json +181 -0
- package/external/aport-policies/finance.payment.refund.v1/README.md +275 -0
- package/external/aport-policies/finance.payment.refund.v1/express.example.js +167 -0
- package/external/aport-policies/finance.payment.refund.v1/fastapi.example.py +136 -0
- package/external/aport-policies/finance.payment.refund.v1/minimal-example.js +183 -0
- package/external/aport-policies/finance.payment.refund.v1/policy.json +216 -0
- package/external/aport-policies/finance.payment.refund.v1/tests/refunds-policy.test.js +924 -0
- package/external/aport-policies/finance.payment.refund.v1/tests/test_refunds_policy.py +778 -0
- package/external/aport-policies/finance.transaction.execute.v1/README.md +309 -0
- package/external/aport-policies/finance.transaction.execute.v1/express.example.js +261 -0
- package/external/aport-policies/finance.transaction.execute.v1/fastapi.example.py +231 -0
- package/external/aport-policies/finance.transaction.execute.v1/minimal-example.js +78 -0
- package/external/aport-policies/finance.transaction.execute.v1/policy.json +189 -0
- package/external/aport-policies/finance.transaction.execute.v1/tests/contexts.jsonl +12 -0
- package/external/aport-policies/finance.transaction.execute.v1/tests/expected.jsonl +12 -0
- package/external/aport-policies/finance.transaction.execute.v1/tests/passport.instance.json +42 -0
- package/external/aport-policies/finance.transaction.execute.v1/tests/passport.template.json +42 -0
- package/external/aport-policies/finance.transaction.execute.v1/tests/test_transactions_policy.py +214 -0
- package/external/aport-policies/finance.transaction.execute.v1/tests/transactions-policy.test.js +306 -0
- package/external/aport-policies/governance.data.access.v1/README.md +292 -0
- package/external/aport-policies/governance.data.access.v1/express.example.js +321 -0
- package/external/aport-policies/governance.data.access.v1/fastapi.example.py +279 -0
- package/external/aport-policies/governance.data.access.v1/minimal-example.js +65 -0
- package/external/aport-policies/governance.data.access.v1/policy.json +208 -0
- package/external/aport-policies/governance.data.access.v1/tests/contexts.jsonl +12 -0
- package/external/aport-policies/governance.data.access.v1/tests/data-access-policy.test.js +308 -0
- package/external/aport-policies/governance.data.access.v1/tests/expected.jsonl +12 -0
- package/external/aport-policies/governance.data.access.v1/tests/passport.instance.json +56 -0
- package/external/aport-policies/governance.data.access.v1/tests/passport.template.json +56 -0
- package/external/aport-policies/governance.data.access.v1/tests/test_data_access_policy.py +214 -0
- package/external/aport-policies/legal.contract.review.v1/README.md +109 -0
- package/external/aport-policies/legal.contract.review.v1/policy.json +378 -0
- package/external/aport-policies/legal.contract.review.v1/tests/legal-contract-review-policy.test.js +609 -0
- package/external/aport-policies/legal.contract.review.v1/tests/passport.template.json +49 -0
- package/external/aport-policies/mcp.tool.execute.v1/README.md +301 -0
- package/external/aport-policies/mcp.tool.execute.v1/policy.json +141 -0
- package/external/aport-policies/messaging.message.send.v1/README.md +230 -0
- package/external/aport-policies/messaging.message.send.v1/express.example.js +183 -0
- package/external/aport-policies/messaging.message.send.v1/fastapi.example.py +193 -0
- package/external/aport-policies/messaging.message.send.v1/policy.json +144 -0
- package/external/aport-policies/policy-template.json +107 -0
- package/external/aport-policies/system.command.execute.v1/README.md +275 -0
- package/external/aport-policies/system.command.execute.v1/policy.json +146 -0
- package/external/aport-spec/CONTRIBUTING.md +273 -0
- package/external/aport-spec/LICENSE +21 -0
- package/external/aport-spec/README.md +168 -0
- package/external/aport-spec/conformance/README.md +294 -0
- package/external/aport-spec/conformance/cases/data.export.v1/contexts/allow_users.json +6 -0
- package/external/aport-spec/conformance/cases/data.export.v1/contexts/deny_pii.json +6 -0
- package/external/aport-spec/conformance/cases/data.export.v1/expected/allow_users.decision.json +19 -0
- package/external/aport-spec/conformance/cases/data.export.v1/expected/deny_pii.decision.json +19 -0
- package/external/aport-spec/conformance/cases/data.export.v1/passports/template.json +29 -0
- package/external/aport-spec/conformance/cases/payments.refunds.v1/contexts/allow_50usd.json +9 -0
- package/external/aport-spec/conformance/cases/payments.refunds.v1/contexts/deny_150usd.json +9 -0
- package/external/aport-spec/conformance/cases/payments.refunds.v1/contexts/deny_currency.json +9 -0
- package/external/aport-spec/conformance/cases/payments.refunds.v1/expected/allow_50usd.decision.json +19 -0
- package/external/aport-spec/conformance/cases/payments.refunds.v1/expected/deny_150usd.decision.json +19 -0
- package/external/aport-spec/conformance/cases/payments.refunds.v1/expected/deny_currency.decision.json +19 -0
- package/external/aport-spec/conformance/cases/payments.refunds.v1/passports/template.json +42 -0
- package/external/aport-spec/conformance/package.json +44 -0
- package/external/aport-spec/conformance/pnpm-lock.yaml +642 -0
- package/external/aport-spec/conformance/src/cases.ts +371 -0
- package/external/aport-spec/conformance/src/ed25519.ts +167 -0
- package/external/aport-spec/conformance/src/jcs.ts +85 -0
- package/external/aport-spec/conformance/src/runner.ts +533 -0
- package/external/aport-spec/conformance/src/validators.ts +185 -0
- package/external/aport-spec/conformance/test-runner.js +315 -0
- package/external/aport-spec/conformance/tsconfig.json +21 -0
- package/external/aport-spec/error-schema.json +192 -0
- package/external/aport-spec/index.json +12 -0
- package/external/aport-spec/integrations/clawmoat/README.md +12 -0
- package/external/aport-spec/integrations/shield/README.md +245 -0
- package/external/aport-spec/integrations/shield/adapters/index.js +116 -0
- package/external/aport-spec/integrations/shield/adapters/system-command-execute.js +133 -0
- package/external/aport-spec/integrations/shield/test/README.md +58 -0
- package/external/aport-spec/integrations/shield/test/shield.md +40 -0
- package/external/aport-spec/integrations/shield/test/test-shield-to-verify.js +274 -0
- package/external/aport-spec/metrics-schema.json +504 -0
- package/external/aport-spec/oap/CHANGELOG.md +54 -0
- package/external/aport-spec/oap/VERSION.md +40 -0
- package/external/aport-spec/oap/capability-registry.md +229 -0
- package/external/aport-spec/oap/conformance.md +257 -0
- package/external/aport-spec/oap/decision-schema.json +114 -0
- package/external/aport-spec/oap/examples/context.refund.usd.50.json +9 -0
- package/external/aport-spec/oap/examples/decision.allow.sample.json +20 -0
- package/external/aport-spec/oap/examples/decision.deny.sample.json +23 -0
- package/external/aport-spec/oap/examples/passport.instance.v1.json +50 -0
- package/external/aport-spec/oap/examples/passport.template.v1.json +71 -0
- package/external/aport-spec/oap/oap-spec.md +426 -0
- package/external/aport-spec/oap/passport-schema.json +396 -0
- package/external/aport-spec/oap/security.md +213 -0
- package/external/aport-spec/oap/vc/context-oap-v1.jsonld +137 -0
- package/external/aport-spec/oap/vc/examples/oap-decision-vc.json +37 -0
- package/external/aport-spec/oap/vc/examples/oap-passport-vc.json +68 -0
- package/external/aport-spec/oap/vc/tools/INTEGRATION.md +375 -0
- package/external/aport-spec/oap/vc/tools/README.md +278 -0
- package/external/aport-spec/oap/vc/tools/examples/decision-to-vc.js +66 -0
- package/external/aport-spec/oap/vc/tools/examples/passport-to-vc.js +83 -0
- package/external/aport-spec/oap/vc/tools/examples/vc-to-decision.js +77 -0
- package/external/aport-spec/oap/vc/tools/examples/vc-to-passport.js +94 -0
- package/external/aport-spec/oap/vc/tools/package.json +38 -0
- package/external/aport-spec/oap/vc/tools/pnpm-lock.yaml +472 -0
- package/external/aport-spec/oap/vc/tools/src/cli.ts +226 -0
- package/external/aport-spec/oap/vc/tools/src/crypto-utils.ts +427 -0
- package/external/aport-spec/oap/vc/tools/src/index.ts +653 -0
- package/external/aport-spec/oap/vc/tools/src/test.ts +148 -0
- package/external/aport-spec/oap/vc/tools/src/vp.ts +382 -0
- package/external/aport-spec/oap/vc/tools/test-simple.js +214 -0
- package/external/aport-spec/oap/vc/tools/tsconfig.json +19 -0
- package/external/aport-spec/oap/vc/vc-mapping.md +443 -0
- package/external/aport-spec/passport-schema.json +586 -0
- package/external/aport-spec/rate-limiting.md +136 -0
- package/external/aport-spec/transport-profile.md +325 -0
- package/external/aport-spec/webhook-spec.md +314 -0
- package/package.json +70 -0
- package/skills/aport-agent-guardrail/SKILL.md +314 -0
- package/src/evaluator.js +252 -0
- package/src/server/index.js +72 -0
|
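--- a/package/external/aport-policies/legal.contract.review.v1/README.md
+++ b/package/external/aport-policies/legal.contract.review.v1/README.md
@@ -0,0 +1,109 @@
+# Legal Contract Review Policy (`legal.contract.review.v1`)
+
+## Overview
+
+The Legal Contract Review Policy provides pre-action governance for AI agents performing legal contract review, drafting, and redlining operations. This policy enforces firm-specific guardrails, privilege protection, attorney supervision requirements, and jurisdiction controls to prevent malpractice risk and ensure ABA ethics compliance.
+
+## Use Cases
+
+- **Contract Review**: AI agents review contracts with firm-specific guardrails
+- **Contract Drafting**: AI agents draft contracts within defined parameters
+- **Contract Redlining**: AI agents redline contracts with privilege protection
+- **Attorney Supervision**: Enforces ABA Formal Opinion 512 requirements for AI supervision
+
+## Requirements
+
+### Capability
+- `legal.contract.review` - Required capability for contract review operations
+
+### Minimum Assurance Level
+- **L3** - High assurance required for legal operations
+
+### Required Limits
+
+The following limits must be configured in the passport:
+
+```json
+{
+"legal": {
+"contract": {
+"review": {
+"allowed_document_types": ["contract", "nda", "msa", "sla"],
+"max_document_size_mb": 10,
+"allowed_contract_jurisdictions": ["US", "CA", "GB"],
+"require_attorney_review": true,
+"privilege_protection_enabled": true,
+"max_contracts_per_day": 50,
+"allowed_client_tiers": ["tier1", "tier2", "enterprise"]
+}
+}
+}
+}
+```
+
+## Context Fields
+
+### Required Fields
+
+- `document_type` (string): Type of legal document (contract, nda, msa, sla, etc.)
+- `client_id` (string): Unique identifier for the client
+- `jurisdiction` (string): ISO 3166-1 alpha-2 country code
+- `action_type` (string): Type of action (review, draft, redline, approve)
+- `idempotency_key` (string): Idempotency key for duplicate prevention
+
+### Optional Fields
+
+- `document_size_mb` (number): Size of the document in megabytes
+- `client_tier` (string): Client tier classification
+- `attorney_reviewer_id` (string): ID of supervising attorney (required if `require_attorney_review` is true)
+- `privilege_level` (string): Attorney-client privilege level
+- `contract_value_usd` (integer): Contract value in USD minor units
+- `matter_id` (string): Legal matter identifier
+- `review_deadline` (string): Deadline for contract review completion
+
+## Enforcement Rules
+
+1. **Document Type Validation**: Only allowed document types can be reviewed
+2. **Document Size Limits**: Documents exceeding `max_document_size_mb` are rejected
+3. **Jurisdiction Authorization**: Only authorized jurisdictions are allowed
+4. **Attorney Review**: Required for high-value contracts or when `require_attorney_review` is true
+5. **Privilege Protection**: Privilege level must be specified when protection is enabled
+6. **Daily Limits**: Maximum contracts per day are enforced
+7. **Client Tier Authorization**: Only authorized client tiers can be serviced
+8. **High-Value Review**: Contracts over $10,000 require attorney review
+
+## Example Request
+
+```json
+{
+"agent_id": "ap_1234567890",
+"policy_id": "legal.contract.review.v1",
+"context": {
+"document_type": "contract",
+"client_id": "client_abc123",
+"jurisdiction": "US",
+"action_type": "review",
+"idempotency_key": "unique-key-12345",
+"document_size_mb": 2.5,
+"client_tier": "tier1",
+"attorney_reviewer_id": "attorney_xyz789",
+"privilege_level": "privileged",
+"contract_value_usd": 5000000,
+"matter_id": "matter_001"
+}
+}
+```
+
+## Compliance
+
+This policy ensures compliance with:
+
+- **ABA Formal Opinion 512**: Requires attorney supervision of AI operations
+- **Attorney-Client Privilege**: Protects privileged communications
+- **Malpractice Risk Mitigation**: Prevents unauthorized contract operations
+- **Jurisdictional Compliance**: Enforces jurisdiction-specific requirements
+
+## Integration
+
+The policy is automatically applied when a passport has the `legal.contract.review` capability. The verification endpoint `/api/verify/policy/legal.contract.review.v1` evaluates all enforcement rules and returns an allow/deny decision with detailed reasons.
+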
@@ -0,0 +1,378 @@
|
|
|
1
|
+
{
|
|
2
|
+
"id": "legal.contract.review.v1",
|
|
3
|
+
"name": "Legal Contract Review Policy",
|
|
4
|
+
"description": "Pre-action governance for legal contract review, drafting, and redlining operations. Enforces firm-specific guardrails, privilege protection, attorney supervision requirements, and jurisdiction controls to prevent malpractice risk and ensure ABA ethics compliance.",
|
|
5
|
+
"version": "1.0.0",
|
|
6
|
+
"status": "active",
|
|
7
|
+
"requires_capabilities": ["legal.contract.review"],
|
|
8
|
+
"min_assurance": "L3",
|
|
9
|
+
"limits_required": [
|
|
10
|
+
"allowed_document_types",
|
|
11
|
+
"max_document_size_mb",
|
|
12
|
+
"allowed_contract_jurisdictions",
|
|
13
|
+
"require_attorney_review",
|
|
14
|
+
"privilege_protection_enabled",
|
|
15
|
+
"max_contracts_per_day",
|
|
16
|
+
"allowed_client_tiers",
|
|
17
|
+
"supported_currencies",
|
|
18
|
+
"currency_limits",
|
|
19
|
+
"require_client_consent",
|
|
20
|
+
"require_conflicts_check",
|
|
21
|
+
"require_fee_disclosure",
|
|
22
|
+
"allowed_attorney_jurisdictions",
|
|
23
|
+
"require_matter_isolation"
|
|
24
|
+
],
|
|
25
|
+
"required_fields": [
|
|
26
|
+
"document_type",
|
|
27
|
+
"client_id",
|
|
28
|
+
"jurisdiction",
|
|
29
|
+
"action_type",
|
|
30
|
+
"idempotency_key"
|
|
31
|
+
],
|
|
32
|
+
"optional_fields": [
|
|
33
|
+
"document_size_mb",
|
|
34
|
+
"client_tier",
|
|
35
|
+
"attorney_reviewer_id",
|
|
36
|
+
"privilege_level",
|
|
37
|
+
"contract_value",
|
|
38
|
+
"contract_currency",
|
|
39
|
+
"matter_id",
|
|
40
|
+
"review_deadline",
|
|
41
|
+
"client_consent_given",
|
|
42
|
+
"conflicts_check_passed",
|
|
43
|
+
"fee_disclosure_provided",
|
|
44
|
+
"engagement_letter_signed",
|
|
45
|
+
"opposing_party_id",
|
|
46
|
+
"data_encrypted",
|
|
47
|
+
"supervisor_approval_id"
|
|
48
|
+
],
|
|
49
|
+
"enforcement": {
|
|
50
|
+
"document_type_allowed": true,
|
|
51
|
+
"document_size_limit": true,
|
|
52
|
+
"jurisdiction_authorized": true,
|
|
53
|
+
"attorney_review_required": true,
|
|
54
|
+
"privilege_protection_enforced": true,
|
|
55
|
+
"daily_contract_limit": true,
|
|
56
|
+
"client_tier_authorized": true,
|
|
57
|
+
"assurance_tier_enforced": true,
|
|
58
|
+
"idempotency_required": true,
|
|
59
|
+
"currency_supported": true,
|
|
60
|
+
"per_currency_value_limit": true,
|
|
61
|
+
"daily_currency_cap": true,
|
|
62
|
+
"client_consent_required": true,
|
|
63
|
+
"conflicts_check_required": true,
|
|
64
|
+
"fee_disclosure_required": true,
|
|
65
|
+
"engagement_letter_required": true,
|
|
66
|
+
"attorney_jurisdiction_authorized": true,
|
|
67
|
+
"matter_isolation_required": true,
|
|
68
|
+
"data_encryption_required": true,
|
|
69
|
+
"supervisor_approval_required": true
|
|
70
|
+
},
|
|
71
|
+
"mcp": {
|
|
72
|
+
"require_allowlisted_if_present": true
|
|
73
|
+
},
|
|
74
|
+
"advice": [
|
|
75
|
+
"Cache /verify with ETag; 60s TTL",
|
|
76
|
+
"Subscribe to status webhooks for instant suspend",
|
|
77
|
+
"Log all contract review attempts for Verifiable Attestation",
|
|
78
|
+
"Maintain immutable audit trails for malpractice protection",
|
|
79
|
+
"Enforce attorney supervision per ABA Formal Opinion 512",
|
|
80
|
+
"Protect attorney-client privilege in all operations",
|
|
81
|
+
"Implement document type allowlists for firm-specific guardrails",
|
|
82
|
+
"Monitor contract review patterns for unusual activity",
|
|
83
|
+
"Use idempotency keys to prevent duplicate operations",
|
|
84
|
+
"Track jurisdiction compliance for multi-jurisdictional practice",
|
|
85
|
+
"Maintain privilege level metadata for all documents",
|
|
86
|
+
"Require attorney review for high-value contracts based on currency-specific thresholds",
|
|
87
|
+
"Obtain client consent for AI use per ABA ethics rules",
|
|
88
|
+
"Perform conflicts of interest checks per ABA Rule 1.7",
|
|
89
|
+
"Disclose fee reductions from AI use per ABA ethics rules",
|
|
90
|
+
"Require engagement letters for new client matters",
|
|
91
|
+
"Verify attorney licensing in contract jurisdiction to prevent UPL violations",
|
|
92
|
+
"Enforce matter isolation to prevent conflicts with opposing parties",
|
|
93
|
+
"Encrypt client data per ABA Rule 1.6 confidentiality requirements",
|
|
94
|
+
"Require supervisor approval for non-lawyer work per ABA Rule 5.3",
|
|
95
|
+
"Configure per-currency contract value limits for multi-currency operations",
|
|
96
|
+
"Set document retention policies (typically 7-10 years) for compliance"
|
|
97
|
+
],
|
|
98
|
+
"required_context": {
|
|
99
|
+
"$schema": "http://json-schema.org/draft-07/schema#",
|
|
100
|
+
"type": "object",
|
|
101
|
+
"required": [
|
|
102
|
+
"document_type",
|
|
103
|
+
"client_id",
|
|
104
|
+
"jurisdiction",
|
|
105
|
+
"action_type",
|
|
106
|
+
"idempotency_key"
|
|
107
|
+
],
|
|
108
|
+
"properties": {
|
|
109
|
+
"document_type": {
|
|
110
|
+
"type": "string",
|
|
111
|
+
"enum": [
|
|
112
|
+
"contract",
|
|
113
|
+
"nda",
|
|
114
|
+
"msa",
|
|
115
|
+
"sla",
|
|
116
|
+
"employment_agreement",
|
|
117
|
+
"purchase_agreement",
|
|
118
|
+
"lease",
|
|
119
|
+
"license_agreement",
|
|
120
|
+
"settlement_agreement",
|
|
121
|
+
"other"
|
|
122
|
+
],
|
|
123
|
+
"description": "Type of legal document being reviewed"
|
|
124
|
+
},
|
|
125
|
+
"client_id": {
|
|
126
|
+
"type": "string",
|
|
127
|
+
"minLength": 1,
|
|
128
|
+
"description": "Unique identifier for the client"
|
|
129
|
+
},
|
|
130
|
+
"jurisdiction": {
|
|
131
|
+
"type": "string",
|
|
132
|
+
"pattern": "^[A-Z]{2}$",
|
|
133
|
+
"description": "ISO 3166-1 alpha-2 country code for contract jurisdiction"
|
|
134
|
+
},
|
|
135
|
+
"action_type": {
|
|
136
|
+
"type": "string",
|
|
137
|
+
"enum": ["review", "draft", "redline", "approve"],
|
|
138
|
+
"description": "Type of action being performed on the contract"
|
|
139
|
+
},
|
|
140
|
+
"idempotency_key": {
|
|
141
|
+
"type": "string",
|
|
142
|
+
"minLength": 8,
|
|
143
|
+
"description": "Idempotency key for duplicate prevention"
|
|
144
|
+
},
|
|
145
|
+
"document_size_mb": {
|
|
146
|
+
"type": "number",
|
|
147
|
+
"minimum": 0,
|
|
148
|
+
"maximum": 100,
|
|
149
|
+
"description": "Size of the document in megabytes"
|
|
150
|
+
},
|
|
151
|
+
"client_tier": {
|
|
152
|
+
"type": "string",
|
|
153
|
+
"enum": ["tier1", "tier2", "tier3", "enterprise", "public"],
|
|
154
|
+
"description": "Client tier classification"
|
|
155
|
+
},
|
|
156
|
+
"attorney_reviewer_id": {
|
|
157
|
+
"type": "string",
|
|
158
|
+
"description": "ID of the attorney supervising this review (required if require_attorney_review is true)"
|
|
159
|
+
},
|
|
160
|
+
"privilege_level": {
|
|
161
|
+
"type": "string",
|
|
162
|
+
"enum": ["public", "confidential", "privileged", "highly_confidential"],
|
|
163
|
+
"description": "Attorney-client privilege level of the document"
|
|
164
|
+
},
|
|
165
|
+
"contract_value": {
|
|
166
|
+
"type": "integer",
|
|
167
|
+
"minimum": 0,
|
|
168
|
+
"description": "Contract value in minor units (cents, yen, etc.)"
|
|
169
|
+
},
|
|
170
|
+
"contract_currency": {
|
|
171
|
+
"type": "string",
|
|
172
|
+
"pattern": "^[A-Z]{3}$",
|
|
173
|
+
"description": "ISO 4217 currency code for contract value"
|
|
174
|
+
},
|
|
175
|
+
"matter_id": {
|
|
176
|
+
"type": "string",
|
|
177
|
+
"description": "Legal matter identifier"
|
|
178
|
+
},
|
|
179
|
+
"review_deadline": {
|
|
180
|
+
"type": "string",
|
|
181
|
+
"format": "date-time",
|
|
182
|
+
"description": "Deadline for contract review completion"
|
|
183
|
+
},
|
|
184
|
+
"mcp_servers": {
|
|
185
|
+
"type": "array",
|
|
186
|
+
"items": { "type": "string" },
|
|
187
|
+
"description": "MCP servers being used in this request (e.g., [\"https://mcp.clio.com\"])"
|
|
188
|
+
},
|
|
189
|
+
"mcp_tools": {
|
|
190
|
+
"type": "array",
|
|
191
|
+
"items": { "type": "string" },
|
|
192
|
+
"description": "MCP tools being used in this request (e.g., [\"clio.contracts.review\"])"
|
|
193
|
+
},
|
|
194
|
+
"mcp_server": {
|
|
195
|
+
"type": "string",
|
|
196
|
+
"description": "Single MCP server being used (backward compatibility - use mcp_servers array for multiple)"
|
|
197
|
+
},
|
|
198
|
+
"mcp_tool": {
|
|
199
|
+
"type": "string",
|
|
200
|
+
"description": "Single MCP tool being used (backward compatibility - use mcp_tools array for multiple)"
|
|
201
|
+
},
|
|
202
|
+
"mcp_session": {
|
|
203
|
+
"type": "string",
|
|
204
|
+
"description": "MCP session identifier for audit trail (optional)"
|
|
205
|
+
},
|
|
206
|
+
"client_consent_given": {
|
|
207
|
+
"type": "boolean",
|
|
208
|
+
"description": "Whether client has consented to AI use (required if require_client_consent is true)"
|
|
209
|
+
},
|
|
210
|
+
"conflicts_check_passed": {
|
|
211
|
+
"type": "boolean",
|
|
212
|
+
"description": "Whether conflicts of interest check has passed (required if require_conflicts_check is true)"
|
|
213
|
+
},
|
|
214
|
+
"fee_disclosure_provided": {
|
|
215
|
+
"type": "boolean",
|
|
216
|
+
"description": "Whether fee disclosure has been provided to client (required if require_fee_disclosure is true)"
|
|
217
|
+
},
|
|
218
|
+
"engagement_letter_signed": {
|
|
219
|
+
"type": "boolean",
|
|
220
|
+
"description": "Whether engagement letter has been signed (required if require_engagement_letter is true)"
|
|
221
|
+
},
|
|
222
|
+
"opposing_party_id": {
|
|
223
|
+
"type": "string",
|
|
224
|
+
"description": "ID of opposing party in the matter (for conflicts checking)"
|
|
225
|
+
},
|
|
226
|
+
"data_encrypted": {
|
|
227
|
+
"type": "boolean",
|
|
228
|
+
"description": "Whether client data is encrypted (required if require_data_encryption is true)"
|
|
229
|
+
},
|
|
230
|
+
"supervisor_approval_id": {
|
|
231
|
+
"type": "string",
|
|
232
|
+
"description": "ID of supervisor who approved this operation (required if require_supervisor_approval is true)"
|
|
233
|
+
}
|
|
234
|
+
}
|
|
235
|
+
},
|
|
236
|
+
"evaluation_rules": [
|
|
237
|
+
{
|
|
238
|
+
"name": "passport_status_active",
|
|
239
|
+
"condition": "passport.status == 'active'",
|
|
240
|
+
"deny_code": "oap.passport_suspended",
|
|
241
|
+
"description": "Passport must be active"
|
|
242
|
+
},
|
|
243
|
+
{
|
|
244
|
+
"name": "assurance_minimum",
|
|
245
|
+
"condition": "passport.assurance_level >= policy.min_assurance",
|
|
246
|
+
"deny_code": "oap.assurance_insufficient",
|
|
247
|
+
"description": "Assurance level must meet minimum requirement (L3) for legal operations"
|
|
248
|
+
},
|
|
249
|
+
{
|
|
250
|
+
"name": "document_type_allowed",
|
|
251
|
+
"condition": "context.document_type in passport.limits.legal.contract.review.allowed_document_types",
|
|
252
|
+
"deny_code": "oap.document_type_forbidden",
|
|
253
|
+
"description": "Document type must be in allowed list"
|
|
254
|
+
},
|
|
255
|
+
{
|
|
256
|
+
"name": "document_size_limit",
|
|
257
|
+
"condition": "NOT context.document_size_mb OR context.document_size_mb <= passport.limits.legal.contract.review.max_document_size_mb",
|
|
258
|
+
"deny_code": "oap.document_size_exceeded",
|
|
259
|
+
"description": "Document size must not exceed maximum allowed size"
|
|
260
|
+
},
|
|
261
|
+
{
|
|
262
|
+
"name": "jurisdiction_authorized",
|
|
263
|
+
"condition": "context.jurisdiction in passport.limits.legal.contract.review.allowed_contract_jurisdictions",
|
|
264
|
+
"deny_code": "oap.jurisdiction_blocked",
|
|
265
|
+
"description": "Jurisdiction must be authorized for contract review"
|
|
266
|
+
},
|
|
267
|
+
{
|
|
268
|
+
"name": "attorney_review_required",
|
|
269
|
+
"condition": "NOT passport.limits.legal.contract.review.require_attorney_review OR context.attorney_reviewer_id",
|
|
270
|
+
"deny_code": "oap.attorney_review_required",
|
|
271
|
+
"description": "Attorney review must be provided if required by firm policy"
|
|
272
|
+
},
|
|
273
|
+
{
|
|
274
|
+
"name": "privilege_protection_enforced",
|
|
275
|
+
"condition": "passport.limits.legal.contract.review.privilege_protection_enabled == false OR context.privilege_level",
|
|
276
|
+
"deny_code": "oap.privilege_protection_violation",
|
|
277
|
+
"description": "Privilege protection must be enabled and privilege level must be specified"
|
|
278
|
+
},
|
|
279
|
+
{
|
|
280
|
+
"name": "daily_contract_limit",
|
|
281
|
+
"condition": "daily_contract_count < passport.limits.legal.contract.review.max_contracts_per_day",
|
|
282
|
+
"deny_code": "oap.daily_limit_exceeded",
|
|
283
|
+
"description": "Daily contract review limit must not be exceeded"
|
|
284
|
+
},
|
|
285
|
+
{
|
|
286
|
+
"name": "client_tier_authorized",
|
|
287
|
+
"condition": "NOT context.client_tier OR context.client_tier in passport.limits.legal.contract.review.allowed_client_tiers",
|
|
288
|
+
"deny_code": "oap.client_tier_forbidden",
|
|
289
|
+
"description": "Client tier must be authorized for contract review"
|
|
290
|
+
},
|
|
291
|
+
{
|
|
292
|
+
"name": "idempotency_check",
|
|
293
|
+
"condition": "idempotency_key not in recent_keys",
|
|
294
|
+
"deny_code": "oap.idempotency_conflict",
|
|
295
|
+
"description": "Idempotency key must be unique"
|
|
296
|
+
},
|
|
297
|
+
{
|
|
298
|
+
"name": "currency_supported",
|
|
299
|
+
"condition": "NOT context.contract_currency OR context.contract_currency in passport.limits.legal.contract.review.supported_currencies",
|
|
300
|
+
"deny_code": "oap.currency_unsupported",
|
|
301
|
+
"description": "Contract currency must be supported"
|
|
302
|
+
},
|
|
303
|
+
{
|
|
304
|
+
"name": "per_currency_value_limit",
|
|
305
|
+
"condition": "NOT context.contract_value OR NOT context.contract_currency OR context.contract_value <= passport.limits.legal.contract.review.currency_limits[context.contract_currency].max_per_contract",
|
|
306
|
+
"deny_code": "oap.limit_exceeded",
|
|
307
|
+
"description": "Contract value must not exceed per-currency limit"
|
|
308
|
+
},
|
|
309
|
+
{
|
|
310
|
+
"name": "daily_currency_cap",
|
|
311
|
+
"condition": "daily_contract_value[context.contract_currency] + context.contract_value <= passport.limits.legal.contract.review.currency_limits[context.contract_currency].daily_cap",
|
|
312
|
+
"deny_code": "oap.daily_limit_exceeded",
|
|
313
|
+
"description": "Daily contract value cap per currency must not be exceeded"
|
|
314
|
+
},
|
|
315
|
+
{
|
|
316
|
+
"name": "high_value_contract_review",
|
|
317
|
+
"condition": "NOT context.contract_value OR NOT context.contract_currency OR context.contract_value < passport.limits.legal.contract.review.currency_limits[context.contract_currency].require_attorney_review_threshold OR context.attorney_reviewer_id",
|
|
318
|
+
"deny_code": "oap.high_value_review_required",
|
|
319
|
+
"description": "High-value contracts require attorney review based on currency-specific threshold"
|
|
320
|
+
},
|
|
321
|
+
{
|
|
322
|
+
"name": "client_consent_required",
|
|
323
|
+
"condition": "NOT passport.limits.legal.contract.review.require_client_consent OR context.client_consent_given",
|
|
324
|
+
"deny_code": "oap.client_consent_required",
|
|
325
|
+
"description": "Client consent for AI use is required per ABA ethics rules"
|
|
326
|
+
},
|
|
327
|
+
{
|
|
328
|
+
"name": "conflicts_check_required",
|
|
329
|
+
"condition": "NOT passport.limits.legal.contract.review.require_conflicts_check OR context.conflicts_check_passed",
|
|
330
|
+
"deny_code": "oap.conflicts_check_required",
|
|
331
|
+
"description": "Conflicts of interest check is required per ABA Rule 1.7"
|
|
332
|
+
},
|
|
333
|
+
{
|
|
334
|
+
"name": "fee_disclosure_required",
|
|
335
|
+
"condition": "NOT passport.limits.legal.contract.review.require_fee_disclosure OR context.fee_disclosure_provided",
|
|
336
|
+
"deny_code": "oap.fee_disclosure_required",
|
|
337
|
+
"description": "Fee disclosure is required if AI reduces costs per ABA ethics rules"
|
|
338
|
+
},
|
|
339
|
+
{
|
|
340
|
+
"name": "engagement_letter_required",
|
|
341
|
+
"condition": "NOT passport.limits.legal.contract.review.require_engagement_letter OR context.engagement_letter_signed",
|
|
342
|
+
"deny_code": "oap.engagement_letter_required",
|
|
343
|
+
"description": "Engagement letter is required for new client matters per ABA ethics rules"
|
|
344
|
+
},
|
|
345
|
+
{
|
|
346
|
+
"name": "attorney_jurisdiction_authorized",
|
|
347
|
+
"condition": "NOT context.jurisdiction OR context.jurisdiction in passport.limits.legal.contract.review.allowed_attorney_jurisdictions",
|
|
348
|
+
"deny_code": "oap.unauthorized_practice_of_law",
|
|
349
|
+
"description": "Attorney must be licensed in the contract jurisdiction to prevent UPL violations"
|
|
350
|
+
},
|
|
351
|
+
{
|
|
352
|
+
"name": "matter_isolation_required",
|
|
353
|
+
"condition": "NOT passport.limits.legal.contract.review.require_matter_isolation OR NOT context.opposing_party_id OR context.opposing_party_id NOT IN recent_clients[context.matter_id]",
|
|
354
|
+
"deny_code": "oap.conflict_of_interest",
|
|
355
|
+
"description": "Cannot review contracts for opposing parties in the same matter per ABA Rule 1.7"
|
|
356
|
+
},
|
|
357
|
+
{
|
|
358
|
+
"name": "data_encryption_required",
|
|
359
|
+
"condition": "NOT passport.limits.legal.contract.review.require_data_encryption OR context.data_encrypted",
|
|
360
|
+
"deny_code": "oap.data_encryption_required",
|
|
361
|
+
"description": "Client data encryption is required for confidentiality per ABA Rule 1.6"
|
|
362
|
+
},
|
|
363
|
+
{
|
|
364
|
+
"name": "supervisor_approval_required",
|
|
365
|
+
"condition": "NOT passport.limits.legal.contract.review.require_supervisor_approval OR context.supervisor_approval_id",
|
|
366
|
+
"deny_code": "oap.supervisor_approval_required",
|
|
367
|
+
"description": "Supervisor approval is required for non-lawyer work per ABA Rule 5.3"
|
|
368
|
+
}
|
|
369
|
+
],
|
|
370
|
+
"cache": {
|
|
371
|
+
"default_ttl_seconds": 60,
|
|
372
|
+
"suspend_invalidate_seconds": 30
|
|
373
|
+
},
|
|
374
|
+
"deprecation": null,
|
|
375
|
+
"created_at": "2025-01-30T00:00:00Z",
|
|
376
|
+
"updated_at": "2025-01-30T00:00:00Z"
|
|
377
|
+
}
|
|
378
|
+
|