Appendix E: The Prompt Engineering Playbook for Legal Professionals

Practical prompt engineering techniques for legal AI tools — structured prompting, chain-of-thought reasoning, role definition, and output formatting for legal-grade results.

Purpose

Prompt engineering — the skill of crafting inputs to AI systems that produce reliable, accurate, and useful outputs — is a core competency for legal professionals in 2026. This playbook provides practical techniques specifically calibrated for legal use cases, where precision, completeness, and defensibility are non-negotiable.

Principle 1: Specify the Role and Context

AI models produce better outputs when given explicit context about the role they should adopt, who the audience is, and what standard applies.

Weak prompt: "Summarise this contract."

Strong prompt: "You are a senior commercial lawyer reviewing a SaaS subscription agreement for a mid-market Australian technology company. Summarise the key commercial terms, identify any non-standard provisions that deviate from market norms, and flag any clauses that require further negotiation. The audience for this summary is the company's Head of Procurement, who is not legally trained."

The strong prompt specifies: the reviewer's role (senior commercial lawyer), the document type (SaaS subscription), the jurisdiction context (Australian), the task (summarise, identify, flag), and the audience (non-legal procurement lead). Each specification constrains the AI's output toward relevance and accuracy.

Principle 2: Define the Output Structure

Legal work product follows predictable structures. Specify the structure explicitly rather than relying on the AI's default formatting.

Weak prompt: "Review this NDA and tell me what you think."

Strong prompt: "Review this mutual NDA against the following framework and provide your analysis in the specified structure:

Structure:

  1. Classification: Green (standard, no issues), Amber (minor deviations, review recommended), or Red (material issues, senior counsel required)
  2. Key Terms Summary: Table format — Term, Our Standard, Counterparty Position, Assessment
  3. Risk Items: Numbered list of specific deviations from our standard position, with risk rating (Low/Medium/High) and recommended response for each
  4. Recommended Actions: Specific next steps, in priority order"

Principle 3: Provide Reference Material

For tasks that require comparison against a standard (playbook review, compliance assessment, clause analysis), provide the reference material in the prompt. Do not rely on the AI's general knowledge of "market standard" or "best practice" — these are vague and jurisdiction-dependent.

Weak prompt: "Does this indemnity clause meet market standards?"

Strong prompt: "Compare the indemnity clause in the attached agreement against our standard indemnity position provided below. Identify any deviations. For each deviation, assess whether it falls within our acceptable range or requires escalation.

Our Standard Position: [Insert standard clause text]

Acceptable Deviations:

  • Mutual indemnity (our standard is one-way): Acceptable if limited to IP infringement claims
  • Cap on indemnity liability: Acceptable if cap is at least 2x annual contract value
  • Exclusion of consequential damages from indemnity: Acceptable

Escalation Triggers:

  • Uncapped indemnity obligation
  • Indemnity for third-party claims beyond IP infringement
  • Indemnity survival period exceeding 24 months post-termination"

Principle 4: Chain-of-Thought Reasoning

For complex analytical tasks, instruct the AI to show its reasoning step by step. This produces more accurate outputs and, critically, makes the reasoning auditable — a reviewer can verify each step rather than evaluating an opaque conclusion.

Weak prompt: "Is this contract compliant with the Australian Privacy Act?"

Strong prompt: "Assess this data processing agreement for compliance with the Australian Privacy Act 1988. Work through the analysis step by step:

Step 1: Identify the personal information being processed and classify it by type (sensitive / non-sensitive) per the Act's definitions.

Step 2: Identify the lawful basis for processing each category of personal information.

Step 3: Assess the data security obligations in the agreement against APP 11 requirements.

Step 4: Evaluate the cross-border data transfer provisions against APP 8 requirements, including identifying the recipient countries and assessing their privacy protections.

Step 5: Identify any gaps where the agreement does not address a requirement of the APPs, or where the agreement's provisions are weaker than the APPs require.

Step 6: Provide a summary compliance assessment (Compliant / Partially Compliant / Non-Compliant) with specific recommendations for each gap identified."

Principle 5: Ensure Accuracy and Verifiability

Legal AI outputs must be accurate and verifiable. Use explicit constraints to enhance reliability and defensibility of AI-generated content.

Constraint techniques:

Citation requirements: "For every legal principle or regulatory requirement you reference, cite the specific section, clause, or provision. If you cannot cite a specific source, state 'I cannot verify this against a specific provision' rather than providing an uncited assertion."

Confidence flagging: "For each item in your analysis, indicate your confidence level: High (clearly supported by the document text), Medium (reasonable inference from the document text), or Low (requires additional information or legal research to confirm). Flag all Low-confidence items prominently."

Scope limitation: "Base your analysis solely on the document provided and the reference materials in this prompt. Do not draw on general legal knowledge for jurisdiction-specific regulatory requirements. If the document or reference materials do not address a point, state that the point cannot be assessed from the available materials."

Ground in document evidence: "Base your analysis only on contract terms that are explicitly present in the document. If a standard clause (e.g., governing law, dispute resolution) is absent from the agreement, flag it as absent and note that its inclusion would typically be expected for this agreement type."

Template 1: Contract Summary

Role: Senior commercial lawyer
Task: Summarise the attached [contract type] for [audience role]

Provide the summary in the following structure:
1. Parties and Effective Date
2. Term and Renewal: Duration, renewal mechanism, notice periods
3. Commercial Terms: Fees, payment terms, pricing adjustments
4. Key Obligations: Material obligations of each party (table format)
5. Liability and Risk: Limitation of liability, indemnities, insurance requirements
6. Termination: Termination triggers, consequences, survival clauses
7. Notable or Non-Standard Provisions: Any terms that deviate from
   standard market practice for this agreement type
8. Recommended Actions: Specific items requiring attention or follow-up

Confidence: Flag any items where your analysis is based on inference
rather than explicit contract language.

Template 2: Regulatory Impact Assessment

Role: Regulatory compliance specialist
Context: [Organisation type] operating in [jurisdictions]
Task: Assess the impact of [specific regulation/regulatory change]
on our operations

Analysis structure:
1. Regulatory Overview: Key requirements and effective dates
2. Scope Assessment: Which of our operations/activities fall within scope
3. Gap Analysis: Current compliance state vs. requirements (table format)
   - Requirement | Current State | Gap | Remediation Priority
4. Implementation Roadmap: Recommended actions in priority order with
   estimated effort and timeline
5. Risk Assessment: Consequences of non-compliance (penalties, operational
   impact, reputational risk)

Constraints: Cite specific regulatory provisions for all requirements.
Flag any areas where the regulation is ambiguous or subject to
interpretation.

Template 3: Due Diligence Review

Role: M&A due diligence reviewer
Task: Review the attached [document type] as part of due diligence for
[transaction description]

Analysis structure:
1. Document Classification: Type, date, parties, status (executed/draft/expired)
2. Key Terms: Material commercial and legal terms (table format)
3. Risk Flags: Items that present risk to the acquirer, classified as:
   - Red: Material risk requiring deal-team escalation
   - Amber: Moderate risk requiring further investigation
   - Green: Noted but manageable
4. Missing Information: Items that would typically be present in this
   document type but are absent
5. Follow-Up Questions: Specific questions for the target company arising
   from this document

Constraints: Base analysis solely on the document provided.
Do not infer terms that are not present. Flag all ambiguities.

Strategic Insight

The best legal prompts share a common architecture: role definition, structured output specification, reference material provision, step-by-step reasoning instruction, and hallucination constraints. Mastering this architecture — and building a library of tested templates for your most common tasks — is the most accessible and immediate way to improve AI output quality in your legal function.

Building Your Prompt Library

The Prompt Lifecycle

1. Draft: Create a prompt for a specific legal task using the principles above.

2. Test: Run the prompt against 5-10 representative inputs and evaluate the outputs for accuracy, completeness, and format compliance.

3. Refine: Adjust the prompt based on test results — tighten constraints where hallucination occurred, add structure where outputs were inconsistent, expand context where outputs were incomplete.

4. Validate: Have a subject matter expert review the refined prompt's outputs against a gold-standard manual analysis. The prompt should produce outputs that are at least 90% as accurate as the expert's analysis.

5. Deploy: Add the validated prompt to the team's prompt library with documentation: what it does, when to use it, what inputs it requires, and what limitations apply.

6. Maintain: Review deployed prompts quarterly. As AI models update and legal requirements change, prompts may need recalibration.
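
The format-compliance part of step 2 can be automated when a prompt fixes its output structure. The following is an added example, not part of the original playbook: it checks outputs of the Principle 2 NDA prompt for the four required sections in order, a valid classification, and a risk rating on every risk item, then reports the pass rate for a test batch. The function names and sample outputs are constructed for illustration, and it assumes the model emits the section titles as numbered headings.

```python
import re

# Section titles the Principle 2 NDA prompt requires, in this order.
SECTIONS = ["Classification", "Key Terms Summary", "Risk Items", "Recommended Actions"]
HEADING = re.compile(r"^[ \t]*\d+\.\s*(%s)\b:?(.*)$" % "|".join(SECTIONS), re.M)
ITEM = re.compile(r"^\s*(?:[-*]|\d+[.)])\s+\S")

def check_output(text):
    """Return a list of format-compliance failures; an empty list means compliant."""
    found = [(m.group(1), m.start(), m.end(), m.group(2)) for m in HEADING.finditer(text)]
    titles = [f[0] for f in found]
    if titles != SECTIONS:
        # Body checks below assume all four sections exist, so stop here.
        return ["sections missing or out of order: %s" % titles]
    bodies = {}
    for i, (title, _, end, rest) in enumerate(found):
        stop = found[i + 1][1] if i + 1 < len(found) else len(text)
        bodies[title] = (rest + text[end:stop]).strip()
    failures = []
    if not re.match(r"(Green|Amber|Red)\b", bodies["Classification"]):
        failures.append("classification is not Green, Amber or Red")
    items = [ln.strip() for ln in bodies["Risk Items"].splitlines() if ITEM.match(ln)]
    if not items:
        failures.append("no risk items listed")
    for item in items:
        if not re.search(r"\b(Low|Medium|High)\b", item):
            failures.append("risk item without rating: " + item)
    return failures

def pass_rate(outputs):
    """Fraction of a test batch that is format-compliant (lifecycle step 2)."""
    return sum(1 for o in outputs if not check_output(o)) / len(outputs)

# Constructed sample outputs, not real model responses.
GOOD = """1. Classification: Amber
2. Key Terms Summary:
| Term | Our Standard | Counterparty Position | Assessment |
| Duration | 3 years | 5 years | Deviation |
3. Risk Items:
1. Five-year confidentiality period. Risk: Medium. Response: propose 3 years.
4. Recommended Actions:
1. Send redline on duration."""
BAD = GOOD.replace("Amber", "Yellow").replace(" Risk: Medium.", "")

if __name__ == "__main__":
    for name, sample in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_output(sample))
    print("pass rate:", pass_rate([GOOD, BAD]))
```

A check like this covers format only; accuracy and completeness still need the expert review described in step 4.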

Organisational Prompt Governance

Treat the prompt library as a managed legal asset, analogous to the template library:

  • Version control: Each prompt has a version number and change log
  • Ownership: Each prompt has a designated owner responsible for accuracy and currency
  • Access control: Prompts are available to qualified users — not every prompt is appropriate for every user
  • Quality assurance: New prompts undergo the test-refine-validate cycle before deployment
  • Usage tracking: Monitor which prompts are used, how frequently, and with what outcomes — this data drives continuous improvement