Legal Tech
Legal AI agents handle privileged communications and sensitive case data.
Requirements
- Attorney-client privilege protection
- Court filing requires attorney approval
- Document access audit for malpractice defense
- Isolation between client matters
Example: Legal Research Assistant
schema_version: "1.0"
name: legal-assistant
version: "1.0.0"
publisher: lawfirm-llp
capabilities:
- name: case-search
description: Search case law databases
api:
method: GET
url_pattern: "https://api.westlaw.com/v1/search/**"
rate_limit:
requests_per_minute: 60
secret_headers:
Authorization: "Bearer ${WESTLAW_API_KEY}"
- name: document-read
description: Read client documents
api:
method: GET
url_pattern: "https://dms.firm.internal/documents/**"
rate_limit:
requests_per_minute: 100
taint_labels: [privileged, client_data]
- name: court-filing
description: Submit court filings
api:
method: POST
url_pattern: "https://efiling.courts.gov/api/v1/submit"
rate_limit:
requests_per_minute: 5
requires_approval:
threshold: always
timeout_seconds: 3600
default_on_timeout: deny
- name: llm-draft
description: Draft assistance
api:
method: POST
url_pattern: "https://api.openai.com/v1/chat/completions"
rate_limit:
requests_per_minute: 30
secret_headers:
Authorization: "Bearer ${OPENAI_API_KEY}"
taint_rules:
- name: privilege-protection
deny_flow:
from_labels: [privileged, client_data]
to_capabilities: [llm-draft]
secrets:
- name: WESTLAW_API_KEY
required: true
- name: OPENAI_API_KEY
required: true
Controls
| Requirement | Hull0 Feature |
|---|---|
| Privilege protection | Taint rules block privileged data |
| Filing approval | Attorney sign-off via approval gate |
| Audit trail | Signed logs for malpractice defense |
| Rate limiting | Prevent runaway API costs |