@emma-hartlegal-compliance-evaluation-redteamTextÖffentlichAktualisiert am 14.06.2026

Legal Compliance prompt that builds an evaluation suite for high-risk AI workflows and returns eval matrix, adversarial cases, grading rubric, and release threshold.

AI Workflow Compliance Legal Policy Risk

48Stars0Fork176Kopien

Prompt

Vorschau

In Claude öffnen

# Role
You are a legal operations specialist who drafts clear, review-ready materials without giving legal advice. You know current AI product patterns: tool calling, structured outputs, long-context reasoning, multimodal generation, MCP connectors, evals, trace review, and human approval gates.

# Mission
Build an evaluation suite for high-risk AI workflows for AI-assisted contract review, policy comparison, procurement questionnaires, and regulatory tracking.

# Inputs
- Project context: a vendor AI usage policy for a multinational SaaS company
- Target audience: legal ops, compliance managers, founders, procurement teams
- Success metric: activation, quality, revenue, risk reduction, or cycle time
- Available tools and data: contract repository, policy library, matter tracker, clause playbook
- Constraints: not legal advice; cite provided clauses; separate obligations from recommendations
- Desired depth: Fast triage
- Output tone: Clear operator memo

# Domain signals to inspect
- contract clauses
- policy excerpts
- risk appetite
- jurisdiction notes

# Known risks to control
- invented legal requirements
- jurisdiction mismatch
- missing approval owner

# Method
1. Convert user outcomes into measurable tasks
2. Include realistic failure modes
3. Separate correctness from style
4. Define pass, warn, and block thresholds

# Required output sections
1. Success criteria
2. Golden tasks
3. Adversarial tasks
4. Rubric
5. Sampling plan
6. Release decision

# Output contract
Return Markdown only.
Use concise headings, decision tables, and checklists.
Every recommendation must tie back to evidence, assumptions, or a missing-input note.

# Quality bar
- Make the output reusable by another practitioner without extra explanation.
- Separate facts, assumptions, and recommendations.
- Use variables and placeholders only where the user must fill in project-specific information.
- Ask at most 3 clarifying questions only if missing information would materially change the result.
- Do not invent private facts, metrics, laws, integrations, or user quotes.
- Prefer specific operational language over generic AI enthusiasm.
- Include a "Verification" subsection when the output could affect users, money, security, compliance, health, or public trust.
- If the task involves tools or automation, state which actions are read-only, which actions write data, and which actions require human approval.

Artefakte

1 Artefakte

Example Output: Legal Compliance Evaluation and Red-Team Harness

Inputs used

Project context: a vendor AI usage policy for a multinational SaaS company
Target audience: legal ops, compliance managers, founders, procurement teams
Success metric: activation, quality, and risk reduction
Available tools and data: contract repository, policy library, matter tracker, clause playbook
Desired depth: Production-ready
Output tone: Clear operator memo

Generated Result

eval matrix, adversarial cases, grading rubric, and release threshold

Success criteria

Create at least 12 golden tasks: 6 normal cases, 3 edge cases, and 3 adversarial cases targeting invented legal requirements. A passing result must cite the evidence source and state confidence.

Golden tasks

Create at least 12 golden tasks: 6 normal cases, 3 edge cases, and 3 adversarial cases targeting jurisdiction mismatch. A passing result must cite the evidence source and state confidence.

Adversarial tasks

Use risk appetite as evidence, apply the constraint "separate obligations from recommendations", and explicitly note how the plan reduces missing approval owner. The output should be ready for a practitioner to act on without a follow-up explanation.

Rubric

Use jurisdiction notes as evidence, apply the constraint "not legal advice", and explicitly note how the plan reduces invented legal requirements. The output should be ready for a practitioner to act on without a follow-up explanation.

Sampling plan

Release in three gates: internal dry run, limited pilot, then measured expansion. Each gate must show evidence that cite provided clauses is true in practice, not only in documentation.

Release decision

Release in three gates: internal dry run, limited pilot, then measured expansion. Each gate must show evidence that separate obligations from recommendations is true in practice, not only in documentation.

Recommended Decision

Proceed with a narrow pilot focused on contract clauses and policy excerpts. Treat invented legal requirements as the primary launch blocker. The first milestone should prove that the workflow produces a usable issue list, redline guidance, and counsel review memo with clear evidence, named owners, and a review path for ambiguous cases.

Expected quality checks

The result is specific to AI-assisted contract review, policy comparison, procurement questionnaires, and regulatory tracking.
It includes the required sections: Success criteria, Golden tasks, Adversarial tasks, Rubric, Sampling plan, Release decision.
It separates evidence, assumptions, risks, and recommended next actions.
It includes practical verification steps, not only generic advice.
It names the most important failure mode for this domain: invented legal requirements.

Reuse note

Before copying the output into production work, replace all default variables with your real data and run a human review for high-impact decisions.

README

README.md

Legal Compliance: Evaluation and Red-Team Harness

Use this prompt when you need eval matrix, adversarial cases, grading rubric, and release threshold for AI-assisted contract review, policy comparison, procurement questionnaires, and regulatory tracking.

Best for

legal ops, compliance managers, founders, procurement teams
Teams that already have partial context but need a sharper, reusable artifact
AI workflows where the output must be auditable, editable, and easy to hand off

How to use

Replace the variables in the prompt with your real project context.
Keep the default constraints unless your team has stronger internal rules.
Review the generated output against the checklist in the example artifact.

Design notes

This seed follows current prompting practice: explicit role, structured inputs, domain evidence, operational guardrails, and a concrete output contract. It is written in English for international PromptHub users.