Large Language Models (LLMs) such as ChatGPT, Claude, Gemini, and others offer a significant productivity boost, but only if lawyers know how to prompt them well.
Many legal professionals treating AI like a simple search engine overlook a critical insight: the quality of output depends entirely on the quality of the prompt. A vague or poorly structured prompt can produce inaccurate, misleading, or even professionally risky results.
- Lawyers experimenting with LLMs can produce inaccurate citations or reasoning if prompts lack professional framing and oversight.
- Prompting within legal boundaries requires a clear understanding of the context, effective ethical safeguards, and precise instructions designed to minimize risk.
- Bar associations now emphasize that competence, communication, confidentiality, oversight, and candor apply even when using AI.
This industry consensus reinforces that legal prompting is not casual chat with AI, it’s a structured legal research skill.
This blog explains how lawyers should approach LLM prompting, highlights common mistakes to avoid, and demonstrates how utilizing a ready-made Prompt Library enables legal teams to achieve consistent, reliable results without reinventing the wheel each time.
Why Understanding Prompting Matters for Legal Teams
Generic LLM outputs often:
- Hallucinate legal citations or legal rules that don’t exist
- Provide overly broad summaries that miss critical details
- Misapply legal reasoning across jurisdictions
- Omit procedural or ethical safeguards
In fact, courts and bar associations have already taken notice. In multiple U.S. cases, lawyers have submitted AI-generated briefs containing fake cases or wrong citations, leading to fines, sanctions, and judicial rebukes.
This highlights why simple, casual use of AI is not enough in legal practice; structured prompting is essential.
The Core Elements of an Effective Legal Prompt
High-performing legal prompts consistently include these key elements:
1. Define the Role
Tell the model who it should be.
Bad: “Summarize this contract.”
Better: “You are a senior contracts attorney summarizing this SaaS agreement for key obligations, risks, and non-standard clauses.”
This constrains tone, scope, and expectations.
2. Specify the Task Clearly
Good prompts spell out what you expect:
“Extract Limitation of Liability, Indemnification, and Termination clauses and compare them to typical market standards.”
This avoids generic responses.
3. Constrain the Scope
Include context about jurisdiction, standards, and source material.
- “Based only on the attached document.”
- “Assume this is governed by Delaware law.a”
- “Do not infer missing facts.”
This reduces errors and hallucinations.
4. Define Output Format
Structure output as lists, tables, or checklists.
Example:
“Produce a table comparing key contract clauses with market norms and assign risk scores.”
Structured outputs are easier to review and reuse.
Common Prompting Mistakes and How to Avoid Them
Industry guidance and consulting experience highlight these recurring errors:
1. Vague, Broad Prompts
Broad prompts make AI guess your intention. Instead, give precise directives with roles, scope, and outputs.
2. Failing to Specify Jurisdiction
Without jurisdictional constraints, AI outputs risk misapplying the law. Always include jurisdiction details in the prompt.
3. Assuming AI Understands Legal Context
AI doesn’t inherently understand legal standards or ethics — your prompt must embed them.
4. Ignoring Human Review
Always review and verify AI responses. Lawyers are responsible for the final work product regardless of AI assistance.
30 Example Prompts from Industry Best Practices
To help legal teams avoid pitfalls and get consistent value from LLMs, we built the SpotDraft Prompt Library — a collection of structured prompts designed specifically for legal workflows.
This is not a random set of questions. Each prompt is crafted to reflect actual legal tasks, with roles, constraints, and output formats embedded so that you can reuse them across matters with confidence.
I. Contract Analysis & Review
1. Summarize Attached Contract:
You are a legal analyst. Please analyze the attached contract document (DOCX or PDF) or the text I will paste below. Provide a concise summary (bullet points) of the main purpose, key obligations for each party, term/duration, and payment terms. Wait for the document or text.
2. Compare Attached Document Versions:
You are a legal comparison tool. Please compare two versions of an agreement. Attach the first version (V1) and then the second version (V2) as DOCX or PDF files, or paste the text for each sequentially. Identify the key differences and briefly explain their potential significance. Wait for the first version.
3. Extract Obligations from Attached Document:
You are a legal obligation extractor. Analyze the attached agreement (DOCX or PDF) or the text I will paste below. Extract all sentences describing a specific action or deliverable required by *either* party. List them clearly, indicating the responsible party if specified. Wait for the document or text.
4. Identify Clause Conflicts in the Attached Document:
You are a contract reviewer comparing against common standards. Analyze the attached third-party agreement (DOCX or PDF) or the text I will paste below. Identify clauses related to Limitation of Liability, Indemnification, and Governing Law that might differ significantly from typical US market standards for commercial agreements. Explain the potential issues. Wait for the document or text.
5. Review the attached NDA for Red Flags:
You are an NDA reviewer. Analyze the attached Non-Disclosure Agreement (DOCX or PDF) or the text I will paste below. Flag any common red flags, such as overly broad definitions of confidential information, indefinite terms, inclusion of non-solicitation clauses, or lack of a residual clause. Wait for the document or text.
6. Draft Standard AI Usage Clause:
Draft a balanced, standard contract clause for a B2B software agreement that permits the software provider to use anonymized and aggregated customer usage data to improve its AI models, while complying with general data protection principles.
7. Assess Risk Level from the Attached Document:
You are a contract risk assessor. Analyze the attached agreement (DOCX or PDF) or the text I will paste below. Based *only* on the provided content, give a preliminary risk assessment (Low, Medium, High) for the areas of Liability and Termination. Briefly justify your assessment for each. Wait for the document or text.
II. Legal Research
8. Explain Recent Regulatory Change Impact (General):
Explain the general impact of recent major changes in global data privacy regulations (like GDPR updates or new state laws) on businesses operating online. What are 1-2 main compliance themes?
9. Outline Compliance Basics for Key Regions:
Outline the fundamental data privacy requirements a tech company needs to consider when offering services to users in the European Union (GDPR) and California (CCPA/CPRA). List 3-4 key compliance pillars for each.
10. Research Public Enforcement Trends (Data Breach):
Based on publicly available information up to your last update, summarize general trends in regulatory enforcement actions related to data breaches by large tech companies in the US or EU.
11. Identify Market Standard Liability Caps:
What are commonly observed market standard approaches for Limitation of Liability caps in typical B2B SaaS agreements? Describe 1-2 common structures (e.g., based on fees paid).
12. Summarize Case Law Trends (Clickwrap):
Summarize general trends observed in recent US case law (within the last few years) regarding the enforceability of clickwrap or browsewrap agreements for online terms of service.
13. Explain EU AI Act Basics:
Explain the basic structure and key risk categories defined in the EU AI Act. What are the main compliance obligations associated with 'high-risk' AI systems under the Act?
III. Policy & Compliance
14. Identify Policy Update Needs for GDPR (from Attachment):
You are a compliance analyst. Analyze the attached company privacy policy (DOCX or PDF) or the text I will paste below. Review it and identify areas that might need updating to align with core GDPR principles like data subject rights (access, deletion), legal basis for processing, and data transfer mechanisms. Wait for the document or text.
15. Create Basic GDPR Compliance Checklist:
Create a basic compliance checklist (10-15 key items) outlining fundamental steps a small business should take to work towards GDPR compliance.
16. Suggest Policy Updates for AI Data Use:
Review the concept of a standard corporate data retention policy. Suggest 2-3 specific updates or considerations that should be added to such a policy to address the use of data for training AI/ML models.
17. Analyze Policy Suite for AI Gaps:
Consider standard corporate policies like Acceptable Use, Data Governance, and Information Security. What specific topics related to responsible AI use (e.g., bias mitigation, transparency, human oversight) are likely *missing* from these traditional policies? List 3-4 potential gaps.
18. Outline EU-US Data Transfer Rules:
Outline the primary mechanisms currently considered valid for legally transferring personal data from the European Union to the United States, following the Schrems II decision and subsequent developments (like the EU-US Data Privacy Framework).
IV. Knowledge Management
19. Draft Playbook Entry for Indemnification:
Draft a sample internal playbook entry for a sales team on how to respond to customer requests to broaden our standard indemnification obligations in a SaaS contract. Include a brief explanation of our typical stance and 1-2 potential fallback positions.
20. Create FAQ on Confidentiality:
Draft a short FAQ (3-5 questions) explaining the basic concept of 'Confidential Information' as used in typical business agreements. Target the language for employees without a legal background.
21. Document Generic Contract Review Process:
Document a generic, high-level, step-by-step process for how a business user might submit a third-party contract to the legal team for review. Include steps like 'Intake Form', 'Initial Triage', 'Review & Redline', 'Approval'.
22. Create Decision Framework for Legal Review:
Create a simple decision framework (yes/no questions) to help a marketing team decide if a new promotional campaign requires legal review. Include triggers like 'Makes competitive claims?', 'Uses customer testimonials?', 'Offers a prize or sweepstakes?'.
23. Develop Guide for Choosing NDA Type:
Develop a simple guide to help employees choose between a 'Mutual NDA' and a 'One-Way NDA'. Explain the difference and provide criteria for when each is appropriate.
V. Memo & Document Creation
24. Draft Memo on Remote Work Compliance:
Draft a short internal memo outlining key legal considerations (e.g., tax nexus, employment law, data security) for companies allowing employees to work remotely from different states or countries than the primary office location.
25. Create Executive Briefing on AI Regulation:
Create a concise (3-paragraph) executive briefing summarizing the global trend towards regulating Artificial Intelligence. Mention key jurisdictions (like the EU) and the general business implications (e.g., need for governance, risk assessment).
26. Draft Standard RFP Response for Data Security:
Draft a standard, generic response paragraph suitable for an RFP (Request for Proposal) describing a company's commitment to data security. Mention common practices like encryption, access controls, and regular audits (without claiming specific certifications).
27. Outline Trademark Strategy Considerations:
Outline the key factors to consider when developing a global trademark protection strategy for a new brand. Include points like core markets, linguistic checks, and the importance of usage monitoring.
28. Draft Template Termination Notice (Breach):
Draft a template termination notice letter for breach of contract. Include placeholders for [Counterparty Name], [Agreement Date], [Specific Clause Breached], [Description of Breach], and [Notice Period/Effective Date], ensuring it references the relevant contract terms. *Note: This creates a template; user fills placeholders later or provides details.*
VI. Strategic & Advisory Support
29. Outline Legal Steps for UK Market Entry:
Outline the primary legal steps and considerations for a US-based software company planning to establish a business presence and sell directly to customers in the United Kingdom. Cover entity formation, basic tax registration, and UK GDPR.
30. Assess Risks of Using Public AI Models:
Analyze the potential legal risks for a company that incorporates publicly available, third-party AI models (e.g., open-source LLMs) into its own commercial product. Consider risks related to IP rights, data privacy/confidentiality leaks, and potential biases inherited from the model. Suggest 1-2 mitigation tactics.
Why Structured Prompts Make a Difference
The goal of legal prompting is not clever wording — it is consistency, reliability, and legal defensibility. Structured prompts:
- Reduce variability across matters
- Save time compared to ad-hoc questions
- Deliver review-ready outputs
- Help junior lawyers produce higher-quality first drafts
They also help align the legal team on how work should be done, not just what needs to be done.
Getting Started: Best Practices
- Identify your top repetitive legal tasks
- Select structured prompts from the Prompt Library
- Standardize what works into your internal resources
- Train the team on consistent prompting techniques
Teams that invest a little time upfront in structured prompting see measurable efficiency gains right away.
LLMs will not replace legal judgment. But poorly prompted LLMs can create risk and waste time.
Structured prompting — and a shared Prompt Library — ensures AI supports legal work in a way that is controlled, consistent, and genuinely useful.
.avif)
