Contract review is one of the most time-intensive tasks in legal practice. A senior associate might spend 4-6 hours reviewing a 50-page commercial agreement — extracting key terms, identifying risks, and preparing a summary. Much of that time goes to systematic, repeatable work: read every clause, check it against standards, flag deviations, organize findings.
AI can compress that initial review from hours to minutes. Not because it replaces attorney judgment, but because it handles the extraction and comparison work. The attorney's expertise then focuses where it belongs: on judgment calls, strategic advice, and negotiation recommendations.
This guide walks through the process step by step: from feeding a contract to the AI through specific prompt templates for each stage of review, ending with what AI should and should not be trusted for.
Disclaimer: AI contract analysis is a starting point, not an endpoint. AI can miss context-dependent risks, fail to account for clause interactions, and misinterpret jurisdiction-specific enforceability. Every AI analysis must be reviewed by a qualified attorney.
Before You Start: Key Principles
Always include jurisdiction. A contract governed by English law requires different analysis than one under Delaware law. Specify governing law in every prompt.
Identify your role first. Are you the buyer, the seller, the service provider, the licensee? Your risk perspective changes everything about the analysis.
Provide context about the deal. A $50K annual vendor contract warrants different risk tolerance than a $10M strategic partnership. AI cannot calibrate its risk assessment without understanding the stakes.
Protect confidentiality. Never paste contracts with actual party names into AI tools. Use find-and-replace to anonymize before prompting, or use enterprise AI platforms with data processing agreements.
The Contract Analysis Workflow
Jumping straight to "review this contract" produces shallow analysis. Breaking the process into stages produces work product that saves time.
Stage 1: Intake and Classification
I am providing a contract for review. Before substance, classify:
1. Contract type (MSA, SaaS, NDA, license, etc.)
2. Parties and their roles
3. Governing law and jurisdiction
4. Effective date and term
5. Structure (sections, exhibits, schedules)
6. Critical defined terms
[PASTE CONTRACT TEXT]Stage 2: Key Terms Extraction
Extract and summarize all key terms by category:
COMMERCIAL: scope, pricing, term/renewal, service levels,
acceptance criteria.
LEGAL: reps and warranties, liability caps/exclusions/carve-
outs, indemnification, insurance, confidentiality, data
protection, IP ownership, non-compete, termination rights,
dispute resolution, assignment, force majeure.
BOILERPLATE: entire agreement, severability, waiver, amendment,
notice, counterparts.
For each: cite section number, plain-English summary, and note
if a standard provision is missing.Stage 3: Risk Flagging
Risk analysis from [BUYER'S / PROVIDER'S / LICENSEE'S]
perspective. For EACH risk:
1. Description — what could go wrong
2. Severity — Critical / High / Medium / Low
3. Likelihood — given standard operations
4. Specific language — quote the clause
5. Impact — financial, operational, legal consequences
6. Recommendation — Accept / Negotiate (with alternative
language) / Reject
Top 5 negotiation priorities first, then complete analysis.
Organize by: financial exposure, operational risk, IP/data
risk, compliance risk, relationship risk.Deep-Dive Prompt Templates
Liability and Indemnification Analysis
Analyze the liability framework. I need total exposure:
1. Direct liability cap — amount/formula, per-claim vs.
aggregate, mutual or one-sided, carve-outs
2. Indemnification — triggers, caps, mutual?, procedure
(notice, defense control, settlement authority), exclusions
3. Consequential damages — waiver present?, types excluded,
carve-outs from exclusion
4. Insurance — required coverage, adequate for risk profile?,
additional insured?
5. Combined exposure — maximum theoretical financial exposure
and comparison to market standard for [CONTRACT TYPE]
Jurisdiction: [STATE/COUNTRY]IP Clause Review
Review all IP provisions from [OUR ROLE]'s perspective:
- Pre-existing IP: clearly defined? license rights granted?
- New IP/deliverables: ownership? work-for-hire effective?
license rights if we do not own?
- Open source: restrictions, disclosure obligations, copyleft
conflicts with ownership provisions?
- Background technology: can we keep using our tools? license-
back for improvements?
- Survival: do IP provisions survive termination?
Flag: unintended IP transfers, ambiguous joint-development
ownership, restrictions on serving other clients, and internal
contradictions.Data Protection Provisions
Review data protection provisions. Our role: [CONTROLLER /
PROCESSOR]. Data types: [DESCRIBE]. Applicable law: [GDPR /
CCPA / etc.]
Assess: DPA adequacy against GDPR Article 28 (if applicable),
security measures specificity, incident notification timeframe
and cost allocation, cross-border transfer mechanisms, sub-
processor provisions, data subject rights cooperation, and
audit rights.
Flag missing required provisions and suggest markup.Warranty and Representations Review
Analyze the representations and warranties section:
1. Scope — what is each party representing?
2. Qualifications — are reps qualified by "knowledge" or
"material" limitations that weaken them?
3. Survival — how long do reps survive closing/execution?
4. Remedies — what happens if a rep turns out to be false?
5. Bring-down conditions — must reps be true at closing?
6. Gaps — what reps are standard for [CONTRACT TYPE] but
missing here?
For each rep: identify who makes it, whether it is mutual,
what qualifiers limit it, and whether the remedy for breach
is adequate. Compare against market standard for
[CONTRACT TYPE] of [DEAL SIZE].Termination and Transition
Analyze termination provisions and practical implications:
Triggers: for cause (what constitutes cause? cure period?),
convenience (notice period? mutual?), insolvency, auto-
termination.
Effects: surviving obligations, data/deliverables/work product,
transition assistance, payment obligations, wind-down terms.
Lock-in risks: auto-renewal with narrow opt-out, minimum
commitments, early termination penalties, data portability
limits.
Provide exit playbook: step-by-step if we need out.Standard Terms Comparison
Deviation Analysis
Compare incoming contract against our standard terms
(provided below).
For EACH deviation:
1. Clause and section number
2. Our standard position
3. Their version
4. Deviation type: more favorable / less favorable / neutral
5. Risk if accepted
6. Negotiation priority: must-have / should-have / nice-to-have
7. Suggested compromise language
Table sorted by priority, then narrative strategy memo.
OUR TERMS: [PASTE]
INCOMING CONTRACT: [PASTE]Multi-Document Consistency Check
Verify consistency across related agreements:
1. [MSA] 2. [SOW] 3. [DPA] 4. [SLA]
Check: defined term consistency, cross-reference accuracy,
obligation conflicts, order-of-precedence clarity, gaps where
one document's obligations should appear in another, and
commercial alignment (pricing, payment, SLAs, termination).
List every inconsistency with documents, sections, nature of
conflict, and recommended resolution.Common Contract Types and What to Focus On
Different contract types demand different analysis priorities. Here is where to focus your AI prompts for the most common agreements.
SaaS and Software Agreements: Prioritize SLA commitments, uptime guarantees, data ownership and portability, auto-renewal mechanics, and price escalation caps. The IP section is critical — understand who owns customizations and integrations.
Professional Services Agreements: Focus on scope definition (vague scope is the top source of disputes), change order procedures, acceptance criteria, and the interplay between deliverable milestones and payment triggers. Work-for-hire provisions must be airtight.
NDAs and Confidentiality Agreements: Check the definition of confidential information (too broad or too narrow?), exclusions, the duration of obligations (especially post-termination survival), and whether residual knowledge clauses effectively gut the protections.
Vendor and Supply Agreements: Examine warranty provisions, product liability allocation, supply continuity protections, quality standards, and right-to-audit clauses. Force majeure definitions matter more here than in most other contract types.
Licensing Agreements: Territory restrictions, sublicensing rights, exclusivity provisions, and royalty calculation methodology are the key focus areas. Watch for audit rights that could be used as leverage in disputes.
Employment and Consulting Agreements: Non-compete scope and enforceability (varies dramatically by jurisdiction), IP assignment breadth, severance triggers, and change-of-control provisions. Pay close attention to how "cause" is defined for termination — the details matter enormously.
What AI Should NOT Be Trusted For
Being clear about limitations is essential to responsible use.
Jurisdiction-specific enforceability. AI has general contract law knowledge but does not reliably account for how specific courts interpret and enforce provisions. A liability cap standard in New York may face enforceability challenges in California consumer contexts. Have jurisdiction-specific questions reviewed by local counsel.
Clause interactions. Contracts are interconnected systems. The liability clause interacts with indemnification, which interacts with insurance and reps and warranties. AI analyzes individual clauses well but often misses how they amplify or undermine each other. Conduct a human review focused on interactions.
Business context and negotiation strategy. AI does not know your client's risk tolerance, negotiation leverage, relationship history, or strategic priorities. It identifies deviations from standard; you determine which deviations to accept.
Novel provisions. AI is most reliable with standard language that appears frequently in training data. Unusual structures or creative legal solutions may be misanalyzed. Treat AI analysis of non-standard provisions with extra skepticism.
Regulatory compliance verification. AI flags potential issues but should not confirm regulatory compliance. Regulations change, training data has cutoffs, and interpretation depends on enforcement patterns that may not be well-represented.
Implied terms and gap-filling. Many jurisdictions imply terms into contracts by operation of law — good faith obligations, implied warranties, statutory protections that cannot be contracted away. AI may not flag what is missing from the written agreement but legally operative nonetheless.
Handling Redlines and Negotiation Markup
AI can also assist during the negotiation phase, not just the initial review.
Redline Comparison
I will provide two versions of a contract: the original and the
redlined version. Identify every change made:
For each change:
1. Section and clause number
2. What was deleted or modified
3. What was added or substituted
4. Whether the change favors us, the counterparty, or is neutral
5. Whether the change introduces any new risk
6. Recommended response: accept / reject / counter-propose
Group by: changes we should accept, changes requiring discussion,
and changes we should reject.Post-Negotiation Consistency Verification
We have completed negotiations and made [NUMBER] changes to
the agreement. Verify the final version:
1. All agreed changes are properly reflected
2. Defined terms remain consistent throughout
3. Cross-references are still accurate
4. No internal contradictions introduced
5. Section numbering is sequential
6. Exhibits and schedules match references in the body
Flag anything that appears unresolved or inconsistent.Building a Contract Review Workflow
Step 1: Intake and Triage
Classify the contract. Standard agreements get heavier AI involvement; complex negotiations get more upfront attorney time.
Step 2: AI-Powered First Pass
Run extraction, risk flagging, and standard terms comparison. This produces comprehensive initial review in minutes.
Step 3: Attorney Review
Focus on: Are risk flags accurate? What did AI miss? Do risk ratings match actual business impact? Are suggested alternatives commercially reasonable?
Step 4: Negotiation Prep
Use verified analysis to prepare the redline and strategy memo. AI did the comparison; the attorney adds strategic judgment.
Step 5: Final Consistency Check
After negotiation, verify that changes are reflected throughout the agreement and no internal conflicts were introduced. This is where the multi-document consistency prompt is especially valuable — negotiation changes frequently introduce contradictions between the main agreement and its exhibits or schedules.
Measuring Effectiveness
Track metrics to assess how well your AI-assisted workflow is performing:
- Time saved per contract versus fully manual review
- Issues caught by AI that attorneys confirmed as valid
- Issues missed by AI that attorneys caught in review
- False positives (AI flags that turned out to be non-issues)
These metrics help you calibrate how much to rely on AI for different contract types and risk levels.
Customize these prompts for your practice. A real estate attorney needs different extraction points than a technology lawyer. Save customized prompts in SurePrompts for reuse across matters. The AI prompt generator can help build custom contract analysis prompts for specific agreement types.
Tips for Getting Better Results
Paste the full contract when possible. Partial text leads to incomplete analysis. If the contract fits within the model's context window, provide the entire document. The definitions section is especially critical — defined terms change the meaning of every clause.
Specify your role. "Review this contract" is ambiguous. "Review this contract from the buyer's perspective, identifying risks and unfavorable terms" gives the AI a clear analytical lens.
Ask for alternative language. When the AI flags a problematic clause, ask it to suggest revised language. Then have your attorney review the suggestion — AI-generated contract language must be checked for enforceability in your jurisdiction.
Run the analysis twice with different framings. First analyze from your perspective, then ask for an analysis from the counterparty's perspective. This reveals risks you might miss and helps you anticipate negotiation positions.
Keep a "lessons learned" log. After each contract matter, note what the AI caught and what it missed. Over time, this helps you calibrate how much to rely on AI analysis for different contract types and clause categories.
For related guidance, see our series on AI prompts for lawyers, legal research with AI, and AI for compliance.
FAQ
How accurate is AI contract analysis compared to manual review?
AI is strong at systematic extraction — identifying every defined term, listing termination triggers, flagging deviations from standard language. It typically catches 85-95% of issues for standard contract types. It is weaker at contextual analysis, clause interactions, and jurisdiction-specific nuance. The best results combine AI for initial systematic review with attorney expertise for context and strategy.
Should I use AI for high-stakes contracts?
AI is valuable even for high-stakes contracts, but the review workflow must be more rigorous. Use AI for extraction and comparison; invest more attorney time in review and judgment. For high-value transactions, consider running AI analysis alongside traditional review to compare results.
How do I handle contracts too long for the AI context window?
Break into logical sections: definitions, operative terms, risk allocation (reps, warranties, indemnification, liability), IP, data protection, and boilerplate. Always include definitions with whichever section you analyze — defined terms change the meaning of every clause. Analyze each section separately, then run a final consistency check across your section-by-section findings. Some enterprise AI platforms handle file uploads and chunking automatically, which can simplify this process for very long agreements.
What is the best way to start using AI for contract review?
Begin with your highest-volume, most standardized contract type — typically NDAs, standard vendor agreements, or template-based customer contracts. These have well-established market benchmarks and low risk if the AI misses something that your attorney review catches. Build confidence in the process and refine your prompts based on what works before applying AI review to more complex or higher-stakes agreements. Save your refined prompts in a tool like SurePrompts so your team can reuse them consistently.