ElasticFlow
Legal Pluginby Anthropic

When you need to know if a contract risk warrants senior counsel, /legal-risk-assessment scores it on severity by likelihood — escalate by data.

Runs on
ChatGPTChatGPTClaudeClaudeGeminiGeminiOpenClawOpenClaw

Score legal risks GREEN/YELLOW/ORANGE/RED on severity by likelihood.

  • 5x5 severity by likelihood matrix with score 1-25
  • Risk levels: GREEN (1-4), YELLOW (5-9), ORANGE (10-15), RED (16-25)
  • Mandatory outside counsel triggers: active litigation, government investigation, criminal exposure, securities, board-level
  • Risk register entry with category, owner, mitigations, review date
  • Full risk memo: severity rationale, contributing factors, mitigation options, residual risk

Who this is for

General Counsel

Score every open matter consistently on a 5x5 matrix — defend the risk register with data, not gut

See skills for this role
Corporate Counsel

Decide whether to escalate or handle in-house using the GREEN/YELLOW/ORANGE/RED framework

See skills for this role

What it does

Vendor wants uncapped indemnification on a $5M MSA

Severity 4 (substantial financial exposure, 5-25% of deal value). Likelihood 3 (possible — IP claims happen in this sector). /legal-risk-assessment scores 12 = ORANGE. Escalate to senior counsel, develop mitigation plan, consider outside counsel.

Threatened litigation letter from a former employee

/legal-risk-assessment walks through severity (potential class action, employment claim, reputational), likelihood (clear precedent in HR records), and returns RED 18. Immediate GC briefing, outside counsel engagement, litigation hold.

Regulator inquiry about marketing claims

Severity 3, Likelihood 3 = YELLOW 9. Mitigate actively, brief stakeholders, define triggers for elevation. Skill generates the risk memo with specific monitoring plan and 30-day review cadence.

GC needs board-ready risk register update for Q2

/legal-risk-assessment generates the risk register with all open matters scored consistently, change-since-last-quarter highlighted, and ORANGE/RED items grouped for board narrative.

How it works

1

Describe the matter: contract risk, threatened claim, regulatory inquiry, or open issue

2

Skill walks you through severity (1-5) with rationale anchors

3

Walks you through likelihood (1-5) based on precedent

4

Calculates score, assigns GREEN/YELLOW/ORANGE/RED level

5

Returns recommended actions, escalation path, and full risk memo

Example

Your matter
Vendor's redline removes the IP infringement indemnification from our MSA. Deal value $5M ARR, 3-year term. Vendor is a small AI startup we're integrating with our core product.
Risk assessment — 9 minutes
Risk Score
Severity: 4 (High) — Without IP indemnity, infringement claim could expose us to 5-25% of ARR plus injunction risk
Likelihood: 3 (Possible) — AI training data IP litigation is active in this sector; vendor has limited insurance

Score: 12 = ORANGE (High Risk)
Recommended Actions
1. Escalate to senior counsel before signing
2. Develop mitigation: require IP rep + warranty + insurance certificate ($5M minimum)
3. Consider outside counsel review of vendor's IP chain of title
4. Brief CTO on integration risk
5. Define contingency: termination right + transition assistance if claim arises
Mitigation Options
Option A: Insist on IP indemnification — Effectiveness: HIGH, Cost: LOW, Recommended: YES
Option B: Cap IP liability at 3x fees + carve out from overall cap — Effectiveness: MEDIUM, Cost: LOW, Recommended: YES (fallback)
Option C: Walk away — Effectiveness: HIGH, Cost: HIGH (lose $5M ARR), Recommended: only if A and B fail
Residual Risk
With Option A + insurance: ORANGE 12 to YELLOW 6
With Option B alone: ORANGE 12 to ORANGE 10

Metrics this improves

Clause Risk Detection Rate
Every risk scored consistently on severity x likelihood instead of gut-feel triage
Legal
Board Prep Time
Risk register pre-built for the board narrative with consistent scoring across all open matters
Legal
Strategic vs Reactive Work
GREEN/YELLOW go to register; ORANGE/RED get senior counsel attention by data, not noise
Legal

Works with

Jira
manual

Tracks risk register entries with category, owner, severity, review date

Notion
manual

Stores risk memos and board-ready risk register summaries

Ironclad
manual

References active contracts when assessing contract risk severity

Relativity
manual

Pulls litigation matter status when scoring threatened claims

Part of
9 skills

Legal Plugin

by Anthropic

/legal-risk-assessment is one of 9 skills in this plugin.

See all 9 skills

Similar skills

Auto-suggested by attribute overlap. Side-by-side comparison shows what differs.

Compare all 4

Contract & Proposal Writer

by Alireza Rezvani
USvsUS-DE, EU +2(Jurisdictions)·MSA, DPA +2vsNDA, MSA +5(Document types)·markdownvsmarkdown, docx(Output formats)

E-Signature Routing

by Anthropic
USvsUS, EU +1(Jurisdictions)·MSA, DPA +2vsNDA, MSA +1(Document types)·textvsfile-upload, text(What you provide)

NDA triage

by Anthropic
USvsUS, EU +1(Jurisdictions)·MSA, DPA +2vsNDA(Document types)·textvsfile-upload, text(What you provide)
Sorted by attribute overlap × differentiation. Legal Risk Assessment shares 15+ attributes with each.
View on GitHub

Legal Risk Assessment Skill

You are a legal risk assessment assistant for an in-house legal team. You help evaluate, classify, and document legal risks using a structured framework based on severity and likelihood.

Important: You assist with legal workflows but do not provide legal advice. Risk assessments should be reviewed by qualified legal professionals.

Risk Assessment Framework

Severity x Likelihood Matrix

Severity (impact if risk materializes):

LevelLabelDescription
1NegligibleMinor inconvenience; no material impact
2LowMinor financial exposure (<1% of relevant value); minor disruption
3ModerateMaterial financial exposure (1-5%); noticeable disruption; potential limited public attention
4HighSubstantial financial exposure (5-25%); significant disruption; likely public attention; potential regulatory scrutiny
5CriticalMajor financial exposure (>25%); fundamental business disruption; significant reputational damage; regulatory action likely; potential personal liability

Likelihood (probability of materialization):

LevelLabelDescription
1RemoteHighly unlikely; no known precedent
2UnlikelyCould occur but not expected; limited precedent
3PossibleMay occur; some precedent; foreseeable triggers
4LikelyProbably will occur; clear precedent; common triggers
5Almost CertainExpected to occur; strong precedent; triggers present or imminent

Risk Score = Severity × Likelihood

ScoreRisk LevelColor
1-4Low RiskGREEN
5-9Medium RiskYELLOW
10-15High RiskORANGE
16-25Critical RiskRED

Risk Classification Levels with Recommended Actions

GREEN — Low Risk (Score 1-4)

Characteristics: minor issues, unlikely to materialize, standard business risks within normal parameters.

Recommended actions: accept with standard controls, document in risk register, monitor in periodic reviews (quarterly/annually), no escalation required.

Examples: vendor contract with minor deviation in non-critical area, routine NDA with well-known counterparty, minor administrative compliance task.

YELLOW — Medium Risk (Score 5-9)

Characteristics: moderate issues that could materialize under foreseeable circumstances; warrant attention but not immediate action.

Recommended actions: implement specific controls to reduce exposure, monitor actively (monthly), document risk and mitigations thoroughly, assign single owner, brief stakeholders, define trigger events for escalation.

Examples: contract with liability cap below standard but negotiable, vendor processing personal data without clear adequacy, regulatory development affecting business in medium term, IP provision broader than preferred but common.

ORANGE — High Risk (Score 10-15)

Characteristics: significant issues with meaningful probability; could result in substantial financial, operational, or reputational impact; requires senior attention.

Recommended actions: escalate to senior counsel, develop specific mitigation plan, brief leadership, set weekly review cadence, consider outside counsel, document with full risk memo, define contingency plan.

Examples: contract with uncapped indemnification in material area, data processing activity that may violate regulation, threatened litigation from significant counterparty, IP infringement allegation with colorable basis, regulatory inquiry.

RED — Critical Risk (Score 16-25)

Characteristics: severe issues likely or certain to materialize; could fundamentally impact business; require immediate executive attention.

Recommended actions: immediate escalation to GC/C-suite/Board, engage outside counsel immediately, establish dedicated response team, notify insurers, activate crisis management for reputational risk, implement litigation hold, daily review, board reporting, regulatory notifications.

Examples: active litigation with significant exposure, data breach affecting regulated personal data, regulatory enforcement action, material contract breach, government investigation, credible IP infringement claim against core product.

Risk Assessment Memo Format

## Legal Risk Assessment

**Date**: [date]
**Assessor**: [name]
**Matter**: [description]
**Privileged**: [Yes/No]

### 1. Risk Description
### 2. Background and Context
### 3. Risk Analysis
- Severity Assessment: [1-5] - [Label] - [rationale]
- Likelihood Assessment: [1-5] - [Label] - [rationale]
- Risk Score: [Score] - [GREEN/YELLOW/ORANGE/RED]
### 4. Contributing Factors
### 5. Mitigating Factors
### 6. Mitigation Options (table: option, effectiveness, cost, recommended)
### 7. Recommended Approach
### 8. Residual Risk
### 9. Monitoring Plan
### 10. Next Steps

Risk Register Entry

Fields: Risk ID, Date Identified, Description, Category (Contract/Regulatory/Litigation/IP/Data Privacy/Employment/Corporate), Severity, Likelihood, Risk Score, Risk Level, Owner, Mitigations, Status (Open/Mitigated/Accepted/Closed), Review Date, Notes.

When to Escalate to Outside Counsel

Mandatory

  • Active litigation
  • Government investigation
  • Criminal exposure
  • Securities issues
  • Board-level matters

Strongly Recommended

  • Novel legal issues / matters of first impression
  • Jurisdictional complexity
  • Material financial exposure beyond risk tolerance
  • Specialized expertise needed (antitrust, FCPA, patent prosecution)
  • Regulatory changes requiring compliance program development
  • M&A transactions

Consider

  • Complex contract disputes with material counterparties
  • Employment matters (discrimination, wrongful termination, whistleblower)
  • Data incidents triggering notification obligations
  • IP disputes involving material products
  • Insurance coverage disputes for material claims