
Contract Review
Review NDAs, MSAs, and vendor agreements from email, DocuSign, or local files and get plain-English risks plus a negotiable redline DOCX before you sign.
Overview
Contract Review is an agent skill most often used in Validate (also Operate / iterate) that reads NDAs and vendor contracts, flags risks in plain English, and outputs a redlined DOCX.
Install
npx skills add https://github.com/anthropics/knowledge-work-plugins --skill contract-review
What is this skill?
- Triggers on "review this contract," red flags, payment terms, uploads, or forwarded legal email
- Ingest from Gmail attachments, DocuSign envelopes, or local PDF/DOCX (chunked `pages` for 10+ page PDFs)
- Analyzes 8 risk categories with severity-tiered summary and negotiation playbook
- Exports a separate marked-up redline DOCX for pushback conversations
- Requires reading the full agreement—including exhibits and schedules—before analysis
- 8 risk categories in analysis workflow
- 3 ingestion source paths (Gmail, DocuSign, local/paste)
Adoption & trust: 869 installs on skills.sh; 19.6k GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
You are about to sign an NDA or MSA but cannot spot non-standard liability, payment, or termination clauses hidden in exhibits.
Who is it for?
SMB founders reviewing vendor MSAs, NDAs, or SaaS terms pulled from Gmail, DocuSign, or a local PDF without a legal team on staff.
Skip if: Complex M&A, employment law, regulated industry compliance sign-off, or situations requiring formal attorney representation.
When should I use this skill?
User says review this contract, what am I signing, red flags, flag concerns, check payment terms, or uploads/forwards a contract or legal agreement.
What do I get? / Deliverables
A severity-tiered risk summary with negotiation playbook and a separate redlined DOCX you can use to push back before signing.
- Severity-tiered risk summary
- Negotiation playbook
- Marked-up redline DOCX
Journey fit
Spans multiple journey phases - primary shelf plus alternate fits below.
Canonical shelf is Validate because the skill is invoked before committing to legal terms—scoping what you are agreeing to—not after go-live engineering. Scope subphase covers contract scope, exhibits, and obligation boundaries called out in the workflow (read full doc including schedules).
Where it fits
Before adopting a new SaaS vendor, you forward the MSA and ask for non-standard clauses in exhibits.
You ask to check payment terms and auto-renewal language before committing to annual billing.
An existing supplier sends an amendment via DocuSign and you need a redlined DOCX for renewal negotiations.
A quick NDA arrives over Gmail and you want severity-tiered red flags before a pilot integration.
How it compares
Structured contract checklist with DOCX redline output—not a generic summarizer or e-signature product.
Common Questions / FAQ
Who is contract-review for?
Solo builders and small business operators who need fast, structured review of NDAs, MSAs, and vendor contracts before signing.
When should I use contract-review?
In Validate / scope when evaluating a new vendor or partnership agreement, and in Operate / iterate when renewing or renegotiating existing contracts.
Is contract-review safe to install?
It may access Gmail, DocuSign, or local files containing sensitive terms; review the Security Audits panel on this Prism page and limit connected accounts to what you trust.
SKILL.md
# Contract Review

## Quick start

Attach a contract file, forward the email containing it, or paste the text directly.

```
User: "Review this MSA and flag anything I should push back on."
→ Skill reads the document, identifies parties and contract type, analyzes 8 risk
  categories, returns a severity-tiered summary with a negotiation playbook,
  and exports a redlined DOCX.
```

## Workflow

1. **Get the contract** — Pull from one of three sources, in order of preference:
   - **Gmail**: Search for recent emails with contract attachments (see `reference/gmail-fetch.md`)
   - **DocuSign**: Fetch the envelope by ID or search recent drafts awaiting signature (see `reference/docusign-fetch.md`)
   - **Local file or paste**: Read the PDF (chunked via `pages` parameter for 10+ page files) or DOCX via Read tool. If the user pastes text directly, work with what's provided.

   Read the full document before analyzing. Dangerous clauses are frequently in exhibits and schedules at the back.

2. **Identify contract type and parties** — Determine agreement type (NDA, MSA, SOW, SaaS subscription, consulting, subcontractor, vendor) and which party is the user's company vs. the counterparty. Note if it looks like a counterparty template — these are typically one-sided and the counterparty expects pushback.

3. **Analyze across 8 risk categories** — Work through the contract from the ops/finance perspective of a small business owner without in-house legal. Categories are ordered by typical risk severity; use judgment for context.

   **Category 1: Payment terms and cash flow**
   - Payment timing: Net-30 is standard; Net-60+ is flaggable; Net-90/120 is a hard negotiation point
   - Payment triggers: acceptance periods that let the client slow-walk approvals indefinitely
   - Late payment penalties: absence is a gap worth noting
   - Invoicing requirements: rigid formats or PO numbers that can delay payment on technicalities
   - Expense reimbursement: pre-approval requirements and caps
   - Rate adjustments: annual increase mechanism for multi-year engagements

   **Category 2: Liability and indemnification**
   - Liability caps: uncapped liability is always a red flag
   - Mutual vs. one-sided indemnification
   - Indemnification scope: "any and all claims arising from the services" is not standard
   - Insurance requirements: E&O, cyber, general liability — achievability at the required limits
   - Consequential damages waiver: missing = flag prominently

   **Category 3: Termination and exit**
   - Termination for convenience: is it mutual? 30-day notice is typical
   - Termination for cause: cure period; vague "material breach" without definition
   - Wind-down: payment for in-progress work at termination
   - Transition assistance: paid vs. unpaid, time-limited vs. open-ended
   - Survival clauses: indefinite indemnification survival = flag

   **Category 4: Intellectual property**
   - IP assignment vs. license
   - Pre-existing IP and background tools carve-out — absence means inadvertent assignment
   - Work product definition breadth: drafts, notes, internal tools

   **Category 5: Scope and change management**
   - Scope definition clarity
   - Change order process: absence = scope creep without compensation
   - Acceptance criteria: subjective ("to client's satisfaction") vs. defined
   - Timeline asymmetry: user penalized for delays but client is not for slow feedback

   **Category 6: Non-compete and exclusivity**
   - Non-compete