Evaluates contracts for harmful, unusual, or one-sided clauses using Red/Yellow/Green risk classification. Activates when the user wants to find contract red flags, assess legal risks, check for unfair terms, or asks 'is this contract safe to sign?' Provides plain-English explanations and concrete mitigation suggestions for freelancers and agency founders.
From founder-osnpx claudepluginhub thecloudtips/founder-os --plugin founder-osThis skill uses the workspace's default tool permissions.
references/risk-patterns.mdDesigns and optimizes AI agent action spaces, tool definitions, observation formats, error recovery, and context for higher task completion rates.
Enables AI agents to execute x402 payments with per-task budgets, spending controls, and non-custodial wallets via MCP tools. Use when agents pay for APIs, services, or other agents.
Compares coding agents like Claude Code and Aider on custom YAML-defined codebase tasks using git worktrees, measuring pass rate, cost, time, and consistency.
Evaluate contracts for legal risks using a 3-tier RAG (Red/Yellow/Green) classification system. Identify clauses that are potentially harmful, unusual, or one-sided. Assign each flagged clause a severity level with a plain-English explanation and a concrete mitigation suggestion. The target audience is freelancers and small agency founders -- not lawyers. Provide actionable guidance that helps the user negotiate better terms or decide when to seek legal counsel.
This skill handles risk detection and classification only. Contract term extraction (payment, IP, termination, liability, scope, confidentiality) is handled by the contract-analysis skill. When both skills are invoked, contract-analysis runs first to produce structured term data, and legal-risk-detection consumes that data to evaluate risk.
Always include the following disclaimer at the top of every risk report output:
Disclaimer: This analysis is for informational purposes only and does not constitute legal advice. Consult a qualified attorney for legal guidance.
Classify every flagged clause into exactly one of three severity tiers:
Clauses that could cause significant financial or legal harm. Recommend consulting a lawyer before signing. Red flags indicate terms that materially disadvantage the contractor with no offsetting benefit or protection.
Characteristics of Red clauses:
Examples: unlimited liability, one-sided indemnification where only the contractor indemnifies the client, perpetual IP assignment with no reversion clause, unilateral termination without payment for completed work, non-compete exceeding 2 years or covering unreasonably broad territory.
Clauses that deviate from standard practice or contain ambiguity. May be acceptable depending on the specific engagement, client relationship, or contract value, but warrant careful review before signing.
Characteristics of Yellow clauses:
Examples: vague confidentiality scope covering "all information shared", ambiguous payment terms with no specific due date, broad non-solicitation lasting more than 1 year, auto-renewal without a clear opt-out mechanism.
Standard, balanced clauses following common industry practice. Acceptable as-is with no modification needed. Green classification means the clause is within normal range for freelance and agency contracts.
Characteristics of Green clauses:
Examples: mutual indemnification, standard auto-renewal with 30-day notice, boilerplate warranty disclaimers, clear net-30 payment terms, balanced termination with notice requirements for both parties.
Evaluate every contract against seven risk dimensions. Each flagged clause maps to exactly one category.
Detect clauses that expose the contractor to late payment, non-payment, or compensation disputes. Look for:
Detect clauses that transfer intellectual property rights beyond what is standard for the engagement. Look for:
Detect clauses that expose the contractor to disproportionate financial liability. Look for:
Detect clauses that allow the client to exit the contract on unfavorable terms for the contractor. Look for:
Detect clauses that leave deliverables vague or allow unbounded work obligations. Look for:
Detect clauses that restrict the contractor's ability to work after the engagement ends. Look for:
Detect clauses that impose disproportionate secrecy obligations. Look for:
For each flagged clause, produce a structured flag object containing these fields:
| Field | Type | Description |
|---|---|---|
flag_name | string | Short descriptive name (e.g., "Unlimited Liability") |
severity | enum | Red, Yellow, or Green |
category | enum | One of the 7 risk categories above |
clause_text | string | The specific clause or language triggering the flag, quoted from the contract |
explanation | string | Why this clause is risky, written in plain English for a non-lawyer audience |
mitigation | string | Suggested change, counter-proposal, or negotiation point |
When quoting clause_text, extract the exact language from the contract. Do not paraphrase. If the risky language spans multiple sentences, include the full passage. When a clause is long (more than 3 sentences), quote the critical portion and add "[...]" to indicate omitted surrounding text.
When the /founder-os:contract:compare command invokes this skill, compare each extracted term against the standard-terms template at ${CLAUDE_PLUGIN_ROOT}/templates/standard-terms.md. Perform the comparison as follows:
Load the standard-terms template. If the template file does not exist, warn the user: "Standard terms template not found at templates/standard-terms.md -- comparison unavailable. Run /founder-os:contract:analyze for standalone risk detection." Fall back to standalone risk detection.
For each term extracted by the contract-analysis skill (payment, IP, termination, liability, scope, confidentiality, non-compete), compare the contract's clause against the corresponding standard-terms clause.
For each deviation detected, produce a comparison entry:
| Field | Description |
|---|---|
term_category | Which contract area (payment, IP, termination, etc.) |
standard_term | What the standard template specifies |
contract_term | What the analyzed contract specifies |
deviation | What differs, in plain English |
severity | Red, Yellow, or Green classification of the deviation |
impact | What the deviation means for the contractor in practice |
counter_proposal | Suggested language to negotiate back toward the standard |
Terms that match the standard template receive a Green classification with the note "Matches standard terms."
Terms present in the contract but absent from the standard template receive a Yellow flag with the note "Non-standard clause -- review for appropriateness."
Terms present in the standard template but absent from the contract receive a Yellow flag with the note "Expected clause missing from contract -- consider requesting addition."
Compute the overall risk level for the entire contract based on the aggregate of all flags:
| Condition | Overall Level |
|---|---|
| ANY Red flag exists | Red -- "This contract contains high-risk clauses. Consult a lawyer before signing." |
| ANY Yellow flag exists AND no Red flags | Yellow -- "This contract contains clauses that deviate from standard practice. Review flagged items carefully." |
| All flags are Green OR no flags exist | Green -- "This contract follows standard practice. No significant risk issues detected." |
In addition to the overall level, produce a risk_summary sentence (1-2 sentences) that names the most critical finding. Examples:
For each analyzed contract, produce the following structured output:
overall_risk_level: Red | Yellow | Green
risk_summary: [1-2 sentence summary of most critical finding]
flags_count:
red: [N]
yellow: [N]
green: [N]
flags: [array of flag objects per the Risk Flag Structure above]
recommendations: [prioritized list of negotiation points, Red items first, then Yellow]
Order the recommendations list by severity descending (all Red items grouped first, then Yellow). Within the same severity, order by potential financial impact. Each recommendation should be a concrete negotiation point the user can bring to the other party, not a vague suggestion.
When no risky clauses are detected, still produce a complete Green assessment. Output all terms as Green-classified with a note confirming they match standard practice. Set overall_risk_level to Green and risk_summary to: "No significant risk issues detected. All reviewed clauses follow standard practice."
When a contract consists almost entirely of boilerplate language with minimal customization, flag this as an observation: "This contract appears to be a standard template with minimal customization. While boilerplate terms are generally balanced, verify that project-specific details (scope, deliverables, timeline, payment amounts) are adequately defined."
When two clauses within the same contract contradict each other (e.g., one section grants IP ownership to the contractor while another assigns it to the client), flag the conflict itself as a Yellow risk: "Conflicting clauses detected in [sections]. Section [X] states [A] while Section [Y] states [B]. This ambiguity creates interpretation risk. Request clarification to resolve the conflict before signing."
When a contract is missing standard sections entirely (no termination clause, no IP clause, no liability cap), flag each missing section as Yellow: "No [section] clause found. Standard contracts include [what the section covers]. Request addition of this clause to protect both parties."
When a contract involves more than two parties, evaluate risk from the perspective of the contractor (the user). Note which obligations bind the user specifically vs. other parties. Flag any joint-and-several liability clauses as Red.
When analyzing very short contracts or informal agreements (letters of engagement, email confirmations), flag the lack of standard protections: "This is a brief agreement that omits several standard contract protections. Consider requesting a more comprehensive contract that includes [missing critical sections]."
For comprehensive risk pattern detection including specific phrases to look for, example clause text, and detailed mitigation language for all severity tiers, see ${CLAUDE_PLUGIN_ROOT}/skills/contract/legal-risk-detection/references/risk-patterns.md.